Merge lp:~dangarner/xibo/server-layout-media-permissions into lp:xibo/1.3
- server-layout-media-permissions
- Merge into faye
Proposed by
Dan Garner
Status: | Merged | ||||||||
---|---|---|---|---|---|---|---|---|---|
Merged at revision: | 220 | ||||||||
Proposed branch: | lp:~dangarner/xibo/server-layout-media-permissions | ||||||||
Merge into: | lp:xibo/1.3 | ||||||||
Diff against target: |
14520 lines (+7237/-5111) 59 files modified
server/install/database/41.sql (+218/-0) server/lib/app/kit.class.php (+13/-0) server/lib/app/permissionmanager.class.php (+83/-0) server/lib/app/responsemanager.class.php (+11/-5) server/lib/app/translationengine.class.php (+1/-1) server/lib/data/dataset.data.class.php (+148/-0) server/lib/data/datasetcolumn.data.class.php (+127/-0) server/lib/data/datasetdata.data.class.php (+84/-0) server/lib/data/datasetgroupsecurity.data.class.php (+149/-0) server/lib/data/layout.data.class.php (+21/-10) server/lib/data/layoutgroupsecurity.data.class.php (+149/-0) server/lib/data/layoutmediagroupsecurity.data.class.php (+194/-0) server/lib/data/layoutregiongroupsecurity.data.class.php (+150/-0) server/lib/data/media.data.class.php (+9/-11) server/lib/data/mediagroupsecurity.data.class.php (+188/-0) server/lib/data/schedule.data.class.php (+2/-0) server/lib/data/templategroupsecurity.data.class.php (+130/-0) server/lib/include.php (+1/-0) server/lib/js/core.js (+12/-3) server/lib/js/dataset.js (+69/-0) server/lib/js/layout.js (+3/-3) server/lib/js/mediamanager.js (+65/-117) server/lib/modules/module.class.php (+1164/-74) server/lib/pages/content.class.php (+120/-104) server/lib/pages/dataset.class.php (+1022/-0) server/lib/pages/display.class.php (+9/-9) server/lib/pages/displaygroup.class.php (+1/-1) server/lib/pages/group.class.php (+1/-1) server/lib/pages/index.class.php (+1/-1) server/lib/pages/layout.class.php (+664/-261) server/lib/pages/mediamanager.class.php (+165/-49) server/lib/pages/oauth.class.php (+1/-1) server/lib/pages/region.class.php (+94/-30) server/lib/pages/schedule.class.php (+109/-15) server/lib/pages/template.class.php (+225/-50) server/lib/pages/user.class.php (+66/-111) server/lib/service/rest.class.php (+3/-6) server/lib/xmds.inc.php (+1/-0) server/locale/dbtranslate.php (+1/-0) server/modules/counter.module.php (+340/-0) server/modules/embedded.module.php (+70/-32) server/modules/flash.module.php (+88/-914) server/modules/image.module.php (+92/-934) 
server/modules/microblog.module.php (+55/-14) server/modules/module_user_general.php (+382/-150) server/modules/powerpoint.module.php (+88/-914) server/modules/text.module.php (+313/-273) server/modules/ticker.module.php (+52/-17) server/modules/video.module.php (+88/-900) server/modules/webpage.module.php (+74/-46) server/template/css/calendar.css (+1/-0) server/template/css/links.css (+14/-0) server/template/css/presentation.css (+31/-1) server/template/css/xibo.css (+7/-2) server/template/footer.php (+1/-1) server/template/header.php (+10/-13) server/template/pages/dataset_view.php (+51/-0) server/template/pages/layout_edit.php (+1/-0) server/template/pages/mediamanager.php (+5/-37) |
||||||||
To merge this branch: | bzr merge lp:~dangarner/xibo/server-layout-media-permissions | ||||||||
Related bugs: |
|
||||||||
Related blueprints: |
Schedule Now
(Undefined)
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Dan Garner | Approve | ||
Review via email: mp+72121@code.launchpad.net |
Commit message
Description of the change
Dan Garner (dangarner) : | # |
review:
Approve
Preview Diff
1 | === modified file 'server/img/forms/background_timeline.png' |
2 | Binary files server/img/forms/background_timeline.png 2008-12-10 23:48:58 +0000 and server/img/forms/background_timeline.png 2011-08-18 23:36:27 +0000 differ |
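--- a/server/install/database/41.sql
+++ b/server/install/database/41.sql
@@ -1,3 +1,221 @@
+CREATE TABLE IF NOT EXISTS `lklayoutgroup` (
+ `LkLayoutGroupID` int(11) NOT NULL AUTO_INCREMENT,
+ `LayoutID` int(11) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkLayoutGroupID`),
+ KEY `LayoutID` (`LayoutID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lklayoutgroup`
+ ADD CONSTRAINT `lklayoutgroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lklayoutgroup_ibfk_1` FOREIGN KEY (`LayoutID`) REFERENCES `layout` (`layoutID`);
+
+ALTER TABLE `group` ADD `IsEveryone` TINYINT NOT NULL DEFAULT '0';
+
+INSERT INTO `group` (
+`groupID` ,
+`group` ,
+`IsUserSpecific` ,
+`IsEveryone`
+)
+VALUES (
+NULL , 'Everyone', '0', '1'
+);
+
+CREATE TABLE IF NOT EXISTS `lkmediagroup` (
+ `LkMediaGroupID` int(11) NOT NULL AUTO_INCREMENT,
+ `MediaID` int(11) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkMediaGroupID`),
+ KEY `MediaID` (`MediaID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lkmediagroup`
+ ADD CONSTRAINT `lkmediagroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lkmediagroup_ibfk_1` FOREIGN KEY (`MediaID`) REFERENCES `media` (`MediaID`);
+
+CREATE TABLE IF NOT EXISTS `lklayoutmediagroup` (
+ `LkLayoutMediaGroup` int(11) NOT NULL AUTO_INCREMENT,
+ `LayoutID` int(11) NOT NULL,
+ `RegionID` varchar(50) NOT NULL,
+ `MediaID` varchar(50) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkLayoutMediaGroup`),
+ KEY `LayoutID` (`LayoutID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lklayoutmediagroup`
+ ADD CONSTRAINT `lklayoutmediagroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lklayoutmediagroup_ibfk_1` FOREIGN KEY (`LayoutID`) REFERENCES `layout` (`layoutID`);
+
+CREATE TABLE IF NOT EXISTS `lktemplategroup` (
+ `LkTemplateGroupID` int(11) NOT NULL AUTO_INCREMENT,
+ `TemplateID` int(11) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkTemplateGroupID`),
+ KEY `TemplateID` (`TemplateID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lktemplategroup`
+ ADD CONSTRAINT `lktemplategroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lktemplategroup_ibfk_1` FOREIGN KEY (`TemplateID`) REFERENCES `template` (`TemplateID`);
+
+ALTER TABLE `layout` DROP `permissionID`;
+
+ALTER TABLE `media` DROP FOREIGN KEY `media_ibfk_1` ;
+ALTER TABLE `media` DROP `permissionID`;
+
+ALTER TABLE `template` DROP FOREIGN KEY `template_ibfk_2` ;
+ALTER TABLE `template` DROP `permissionID`;
+
+DROP TABLE `permission`;
+
+CREATE TABLE IF NOT EXISTS `lklayoutregiongroup` (
+ `LkLayoutRegionGroup` int(11) NOT NULL AUTO_INCREMENT,
+ `LayoutID` int(11) NOT NULL,
+ `RegionID` varchar(50) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkLayoutRegionGroup`),
+ KEY `LayoutID` (`LayoutID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lklayoutregiongroup`
+ ADD CONSTRAINT `lklayoutregiongroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lklayoutregiongroup_ibfk_1` FOREIGN KEY (`LayoutID`) REFERENCES `layout` (`layoutID`);
+
+INSERT INTO lktemplategroup (TemplateID, GroupID, View)
+SELECT TemplateID, GroupId, 1
+ FROM template
+ CROSS JOIN (SELECT GroupID, `Group` FROM `group` WHERE IsEveryone = 1) `group`
+ WHERE IsSystem = 1;
+
+INSERT INTO `setting` (
+`settingid` ,
+`setting` ,
+`value` ,
+`type` ,
+`helptext` ,
+`options` ,
+`cat` ,
+`userChange`
+)
+VALUES (
+NULL , 'REGION_OPTIONS_COLOURING', 'media', 'dropdown', NULL , 'Media Colouring|Permissions Colouring', 'permissions', '1'
+);
+
+UPDATE `setting` SET `setting` = 'LAYOUT_DEFAULT',
+`helptext` = 'New layouts will be created with these settings. If public everyone will be able to view and use this layout.' WHERE `setting`.`settingid` =2 LIMIT 1 ;
+
+UPDATE `setting` SET `setting` = 'MEDIA_DEFAULT',
+`helptext` = 'Media will be created with these settings. If public everyone will be able to view and use this media.' WHERE `setting`.`settingid` =1 LIMIT 1 ;
+
+INSERT INTO `pages` (`name`, `pagegroupID`) VALUES
+('help', 2),
+('clock', 2);
+
+INSERT INTO `module` (
+`ModuleID` ,
+`Module` ,
+`Enabled` ,
+`RegionSpecific` ,
+`Description` ,
+`ImageUri` ,
+`SchemaVersion` ,
+`ValidExtensions`
+)
+VALUES (
+NULL , 'Counter', '1', '1', 'Customer Counter connected to a Remote Control', 'img/forms/webpage.gif', '1', NULL
+);
+
+INSERT INTO `pagegroup` (
+`pagegroupID` ,
+`pagegroup`
+)
+VALUES (
+NULL , 'DataSets'
+);
+
+INSERT INTO `pages` (`name`, `pagegroupID`)
+SELECT 'dataset', pagegroupID
+ FROM pagegroup
+ WHERE pagegroup = 'DataSets';
+
+INSERT INTO `menuitem` (`menuID`, `pageID`, `Text`, `sequence`)
+SELECT '4', pageID, 'DataSets', '6'
+ FROM pages
+ WHERE `name` = 'dataset';
+
+CREATE TABLE IF NOT EXISTS `dataset` (
+ `DataSetID` int(11) NOT NULL AUTO_INCREMENT,
+ `DataSet` varchar(50) NOT NULL,
+ `Description` varchar(254) DEFAULT NULL,
+ `UserID` int(11) NOT NULL,
+ PRIMARY KEY (`DataSetID`),
+ KEY `UserID` (`UserID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+CREATE TABLE IF NOT EXISTS `datasetcolumn` (
+ `DataSetColumnID` int(11) NOT NULL AUTO_INCREMENT,
+ `DataSetID` int(11) NOT NULL,
+ `Heading` varchar(50) NOT NULL,
+ `DataTypeID` smallint(6) NOT NULL,
+ `ListContent` varchar(255) DEFAULT NULL,
+ `ColumnOrder` smallint(6) NOT NULL,
+ PRIMARY KEY (`DataSetColumnID`),
+ KEY `DataSetID` (`DataSetID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `datasetcolumn`
+ ADD CONSTRAINT `datasetcolumn_ibfk_1` FOREIGN KEY (`DataSetID`) REFERENCES `dataset` (`DataSetID`);
+
+CREATE TABLE IF NOT EXISTS `datasetdata` (
+ `DataSetDataID` int(11) NOT NULL AUTO_INCREMENT,
+ `DataSetColumnID` int(11) NOT NULL,
+ `RowNumber` int(11) NOT NULL,
+ `Value` varchar(255) NOT NULL,
+ PRIMARY KEY (`DataSetDataID`),
+ KEY `DataColumnID` (`DataSetColumnID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `datasetdata`
+ ADD CONSTRAINT `datasetdata_ibfk_1` FOREIGN KEY (`DataSetColumnID`) REFERENCES `datasetcolumn` (`DataSetColumnID`);
+
+CREATE TABLE IF NOT EXISTS `lkdatasetgroup` (
+ `LkDataSetGroupID` int(11) NOT NULL AUTO_INCREMENT,
+ `DataSetID` int(11) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkDataSetGroupID`),
+ KEY `DataSetID` (`DataSetID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lkdatasetgroup`
+ ADD CONSTRAINT `lkdatasetgroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lkdatasetgroup_ibfk_1` FOREIGN KEY (`DataSetID`) REFERENCES `dataset` (`DataSetID`);
+
 
 
 UPDATE `version` SET `app_ver` = '1.3.0', `XmdsVersion` = 2;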
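Review bot: The migration drops `layout.permissionID`, `media.permissionID`, `template.permissionID` and the `permission` table without first copying the existing settings into the new `lk*group` tables; the only rows seeded are View for the Everyone group on system templates. Whatever access existing layouts, media and user templates had is therefore discarded on upgrade, and whether that fails closed depends on PHP code outside this file. An `INSERT ... SELECT` per item table, placed before the `DROP` statements, would carry the old values over. The link tables also have no unique key on the item/group pair, so two rows for one group can carry conflicting View/Edit/Del flags; `UNIQUE KEY (LayoutID, GroupID)` on `lklayoutgroup`, and the equivalent on the other link tables, would rule that out.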
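--- a/server/lib/app/kit.class.php
+++ b/server/lib/app/kit.class.php
@@ -490,5 +490,18 @@
 return mail($to, $subject, $message, $headers);
 }
 
+ public static function SelectList($listName, $listValues, $idColumn, $nameColumn, $selectedId = '', $callBack = '')
+ {
+ $list = '<select name="' . $listName . '" id="' . $listName . '"' . $callBack . '>';
+
+ foreach ($listValues as $listItem)
+ {
+ $list .= '<option value="' . $listItem[$idColumn] . '" ' . (($listItem[$idColumn] == $selectedId) ? 'selected' : '') . '>' . $listItem[$nameColumn] . '</option>';
+ }
+
+ $list .= '</select>';
+
+ return $list;
+ }
 }
 ?>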
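Review bot: `SelectList` concatenates `$listItem[$idColumn]`, `$listItem[$nameColumn]` and `$listName` into the markup without HTML-escaping, so any value that comes from user-editable data (a group or dataset name, for instance) is emitted as raw HTML. Wrap each one in `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` before concatenation. `$callBack` is written directly inside the `<select>` tag and should only ever be a fixed string from the calling code; a docblock saying so would help. The loose `==` against the default `$selectedId = ''` can also mark an option with an integer id of 0 as selected; cast both sides to string and compare with `===`. The enclosing class begins outside the hunk.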
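--- a/server/lib/app/permissionmanager.class.php
+++ b/server/lib/app/permissionmanager.class.php
@@ -0,0 +1,83 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
+
+class PermissionManager
+{
+ private $db;
+ private $user;
+
+ public $ownerId;
+
+ public $view;
+ public $edit;
+ public $del;
+ public $modifyPermissions;
+
+ /**
+ * Constructs the Module Manager.
+ * @return
+ * @param $db Object
+ * @param $user Object
+ */
+ public function __construct(database $db, User $user)
+ {
+ $this->db =& $db;
+ $this->user =& $user;
+
+ $this->view = false;
+ $this->edit = false;
+ $this->del = false;
+ $this->modifyPermissions = false;
+ }
+
+ public function Evaluate($ownerId, $view, $edit, $del)
+ {
+ $user =& $this->user;
+
+ $this->ownerId = $ownerId;
+ $this->view = $view;
+ $this->edit = $edit;
+ $this->del = $del;
+
+ // Basic checks first
+ if ($this->user->usertypeid == 1 || $ownerId == $user->userid)
+ {
+ // Super admin or owner, therefore permission granted to everything
+ $this->FullAccess();
+ }
+ else if ($this->user->usertypeid == 2 && $this->view == 1)
+ {
+ // Group Admin and we have view permissions (i.e. this group is assigned to this item)
+ $this->view = true;
+ $this->edit = true;
+ $this->del = true;
+ }
+ }
+
+ public function FullAccess()
+ {
+ $this->view = true;
+ $this->edit = true;
+ $this->del = true;
+ $this->modifyPermissions = true;
+ }
+}
\ No newline at end of file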
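Review bot: In `Evaluate`, the `usertypeid == 2` branch turns a View flag into edit and delete rights, so a group admin gains full control of any item their group can merely see. Together with the Everyone group added by this merge, an item shared View-only with Everyone would appear to become editable and deletable by every group admin; if that is intended it deserves a comment, otherwise the branch should leave `$this->edit` and `$this->del` as passed in. The owner test `$ownerId == $user->userid` is a loose comparison, and an empty or null `$ownerId` from a failed lookup should never match; require a non-empty `$ownerId` and compare with `(int) $ownerId === (int) $user->userid`. The constructor docblock still reads "Constructs the Module Manager" and should name this class.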
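--- a/server/lib/app/responsemanager.class.php
+++ b/server/lib/app/responsemanager.class.php
@@ -45,20 +45,25 @@
 public $refresh;
 public $refreshLocation;
 public $focusInFirstInput;
+ public $appendHiddenSubmit;
 
 public $login;
 public $clockUpdate;
+
+ public $uniqueReference;
 
 public function __construct()
 {
 // Determine if this is an AJAX call or not
- $this->ajax = Kit::GetParam('ajax', _REQUEST, _BOOL, false);
+ $this->ajax = Kit::GetParam('ajax', _REQUEST, _BOOL, false);
 
 // Assume success
- $this->success = true;
- $this->clockUpdate = false;
- $this->focusInFirstInput = true;
- $this->buttons = '';
+ $this->success = true;
+ $this->clockUpdate = false;
+ $this->focusInFirstInput = true;
+ $this->appendHiddenSubmit = true;
+ $this->uniqueReference = '';
+ $this->buttons = '';
 
 return true;
 }
@@ -212,6 +217,7 @@
 // General
 $response['html'] = $this->html;
 $response['buttons'] = $this->buttons;
+ $response['uniqueReference'] = $this->uniqueReference;
 
 $response['success'] = $this->success;
 $response['callBack'] = $this->callBack;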
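--- a/server/lib/app/translationengine.class.php
+++ b/server/lib/app/translationengine.class.php
@@ -75,7 +75,7 @@
 {
 // Remove any quality rating (as we aren't interested)
 $rawLang = explode(';', $lang);
- $lang = $rawLang[0];
+ $lang = str_replace("-", "_", $rawLang[0]);
 
 if (in_array($lang . '.mo', $supportedLangs))
 {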
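--- a/server/lib/data/dataset.data.class.php
+++ b/server/lib/data/dataset.data.class.php
@@ -0,0 +1,148 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.");
+
+class DataSet extends Data
+{
+ /**
+ * Add a data set
+ * @param <type> $dataSet
+ * @param <type> $description
+ * @param <type> $userId
+ * @return <type>
+ */
+ public function Add($dataSet, $description, $userId)
+ {
+ $db =& $this->db;
+
+ // Validation
+ if (strlen($dataSet) > 50 || strlen($dataSet) < 1)
+ {
+ $this->SetError(25001, __("Name must be between 1 and 50 characters"));
+ return false;
+ }
+
+ if (strlen($description) > 254)
+ {
+ $this->SetError(25002, __("Description can not be longer than 254 characters"));
+ return false;
+ }
+
+ // Ensure there are no layouts with the same name
+ $SQL = sprintf("SELECT DataSet FROM dataset WHERE DataSet = '%s' ", $dataSet);
+
+ if ($db->GetSingleRow($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25004, sprintf(__("There is already dataset called '%s'. Please choose another name."), $dataSet));
+ return false;
+ }
+ // End Validation
+
+ $SQL = "INSERT INTO dataset (DataSet, Description, UserID) ";
+ $SQL .= " VALUES ('%s', '%s', %d) ";
+
+ if (!$id = $db->insert_query(sprintf($SQL, $dataSet, $description, $userId)))
+ {
+ trigger_error($db->error());
+ $this->SetError(25005, __('Could not add DataSet'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSet', 'Add');
+
+ return $id;
+ }
+
+ /**
+ * Edit a DataSet
+ * @param <type> $dataSetId
+ * @param <type> $dataSet
+ * @param <type> $description
+ */
+ public function Edit($dataSetId, $dataSet, $description)
+ {
+ $db =& $this->db;
+
+ // Validation
+ if (strlen($dataSet) > 50 || strlen($dataSet) < 1)
+ {
+ $this->SetError(25001, __("Name must be between 1 and 50 characters"));
+ return false;
+ }
+
+ if (strlen($description) > 254)
+ {
+ $this->SetError(25002, __("Description can not be longer than 254 characters"));
+ return false;
+ }
+
+ // Ensure there are no layouts with the same name
+ $SQL = sprintf("SELECT DataSet FROM dataset WHERE DataSet = '%s' AND DataSetID <> %d ", $dataSet, $dataSetId);
+
+ if ($db->GetSingleRow($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25004, sprintf(__("There is already a dataset called '%s'. Please choose another name."), $dataSet));
+ return false;
+ }
+ // End Validation
+
+ $SQL = "UPDATE dataset SET DataSet = '%s', Description = '%s' WHERE DataSetID = %d ";
+ $SQL = sprintf($SQL, $dataSet, $description, $dataSetId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25005, sprintf(__('Cannot edit dataset %s'), $dataSet));
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Delete DataSet
+ * @param <type> $dataSetId
+ */
+ public function Delete($dataSetId)
+ {
+ $db =& $this->db;
+
+ Kit::ClassLoader('datasetgroupsecurity');
+ $security = new DataSetGroupSecurity($db);
+ $security->UnlinkAll($dataSetId);
+
+ $SQL = "DELETE FROM dataset WHERE DataSetID = %d";
+ $SQL = sprintf($SQL, $dataSetId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25005, __('Cannot delete dataset'));
+ return false;
+ }
+
+ return true;
+ }
+}
+?>
\ No newline at end of file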
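Review bot: `Add` and `Edit` place `$dataSet` and `$description` into quoted `%s` slots with `sprintf`, and no escaping is visible in this class, so the queries are injectable unless every caller has already escaped the values. The same pattern appears in `DataSetColumn::Add`/`Edit` (`$heading`, `$listContent`) and `DataSetData::Add`/`Edit` (`$value`) later in this diff. Escaping inside the data class with the database wrapper's escape routine, or moving to bound parameters, removes the dependence on callers. Separately, the duplicate-name branch calls `trigger_error($db->error())` after a lookup that succeeded, where there is no database error to report. `Delete` also ignores the result of `UnlinkAll` and leaves `datasetcolumn` rows in place, which the `datasetcolumn_ibfk_1` foreign key would then reject unless the caller removes them first.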
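--- a/server/lib/data/datasetcolumn.data.class.php
+++ b/server/lib/data/datasetcolumn.data.class.php
@@ -0,0 +1,127 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.");
+
+class DataSetColumn extends Data
+{
+ public function Add($dataSetId, $heading, $dataTypeId, $listContent, $columnOrder = '')
+ {
+ $db =& $this->db;
+
+ // Is the column order provided?
+ if ($columnOrder == '')
+ {
+ $SQL = "";
+ $SQL .= "SELECT IFNULL(MAX(ColumnOrder), 1) AS ColumnOrder ";
+ $SQL .= " FROM datasetcolumn ";
+ $SQL .= sprintf("WHERE datasetID = %d ", $dataSetId);
+
+ if (!$columnOrder = $db->GetSingleValue($SQL, 'ColumnOrder', _INT))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not determine the Column Order'));
+ }
+ }
+
+ $SQL = "INSERT INTO datasetcolumn (DataSetID, Heading, DataTypeID, ListContent, ColumnOrder) ";
+ $SQL .= " VALUES (%d, '%s', %d, '%s', %d) ";
+ $SQL = sprintf($SQL, $dataSetId, $heading, $dataTypeId, $listContent, $columnOrder);
+
+ if (!$id = $db->insert_query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not add DataSet Column'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetColumn', 'Add');
+
+ return $id;
+ }
+
+ public function Edit($dataSetColumnId, $heading, $dataTypeId, $listContent, $columnOrder)
+ {
+ $db =& $this->db;
+
+ // Validation
+ if ($listContent != '')
+ {
+ $list = explode(',', $listContent);
+
+ // We can check this is valid by building up a NOT IN sql statement, if we get results.. we know its not good
+ $select = '';
+
+ for ($i=0; $i < count($list); $i++)
+ {
+ $list_val = $list[$i];
+ $select .= "'$list_val',";
+ }
+
+ $select = rtrim($select, ',');
+
+ $SQL = sprintf("SELECT DataSetDataID FROM datasetdata WHERE DataColumnID = %d AND Value NOT IN (%s)", $dataSetColumnId, $select);
+
+ if (!$results = $db->query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not edit DataSet Column'));
+ }
+
+ if ($db->num_rows($results) > 0)
+ return $this->SetError(25005, __('New list content value is invalid as it doesnt include values for existing data'));
+ }
+
+ $SQL = "UPDATE datasetcolumn SET Heading = '%s', ListContent = '%s', ColumnOrder = %d ";
+ $SQL .= " WHERE DataSetColumnID = %d";
+
+ $SQL = sprintf($SQL, $heading, $listContent, $columnOrder, $dataSetColumnId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not edit DataSet Column'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetColumn', 'Edit');
+
+ return true;
+ }
+
+ public function Delete($dataSetColumnId)
+ {
+ $db =& $this->db;
+
+ $SQL = "DELETE FROM datasetcolumn ";
+ $SQL .= " WHERE DataSetColumnID = %d";
+
+ $SQL = sprintf($SQL, $dataSetColumnId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not delete DataSet Column'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetColumn', 'Delete');
+
+ return true;
+ }
+}
+?>
\ No newline at end of file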
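Review bot: The validation query in `Edit` filters on `DataColumnID`, but the `datasetdata` table created in 41.sql names that column `DataSetColumnID` (`DataColumnID` is only the index name), so the query fails and every edit with non-empty list content returns the "Could not edit DataSet Column" error; use `WHERE DataSetColumnID = %d`. The `NOT IN` list is assembled as `'$list_val',` from the raw pieces of `$listContent`, so each piece needs escaping before it is quoted. In `Add`, `IFNULL(MAX(ColumnOrder), 1)` returns the current maximum rather than the next position; `IFNULL(MAX(ColumnOrder), 0) + 1` gives the new column its own slot. `Edit` accepts `$dataTypeId` but never writes it.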
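--- a/server/lib/data/datasetdata.data.class.php
+++ b/server/lib/data/datasetdata.data.class.php
@@ -0,0 +1,84 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.");
+
+class DataSetData extends Data
+{
+ public function Add($dataSetColumnId, $rowNumber, $value)
+ {
+ $db =& $this->db;
+
+ $SQL = "INSERT INTO datasetdata (DataSetColumnID, RowNumber, Value) ";
+ $SQL .= " VALUES (%d, %d, '%s') ";
+ $SQL = sprintf($SQL, $dataSetColumnId, $rowNumber, $value);
+
+ if (!$id = $db->insert_query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not add DataSet Data'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetData', 'Add');
+
+ return $id;
+ }
+
+ public function Edit($dataSetColumnId, $rowNumber, $value)
+ {
+ $db =& $this->db;
+
+ $SQL = "UPDATE datasetdata SET Value = '%s' ";
+ $SQL .= " WHERE DataSetColumnID = %d AND RowNumber = %d";
+
+ $SQL = sprintf($SQL, $value, $dataSetColumnId, $rowNumber);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not edit DataSet Data'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetData', 'Edit');
+
+ return true;
+ }
+
+ public function Delete($dataSetColumnId, $rowNumber)
+ {
+ $db =& $this->db;
+
+ $SQL = "DELETE FROM datasetdata ";
+ $SQL .= " WHERE DataSetColumnID = %d AND RowNumber = %d";
+
+ $SQL = sprintf($SQL, $dataSetColumnId, $rowNumber);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not delete Data for Column/Row'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetData', 'Delete');
+
+ return true;
+ }
+}
+?>
\ No newline at end of file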
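Review bot: `$value` reaches the `'%s'` placeholder in Add() and Edit() without escaping, so a single quote in a dataset cell ends the string literal and the remainder of the value is parsed as SQL. layout.data.class.php in this same merge wraps its string arguments in `$db->escape_string(...)`; doing the same here, `sprintf($SQL, $dataSetColumnId, $rowNumber, $db->escape_string($value))`, closes that unless every caller already escapes (not visible from this file). The same unescaped `'%s'` pattern is used for `$regionId` and `$mediaId` in layoutmediagroupsecurity.data.class.php and layoutregiongroupsecurity.data.class.php. All three methods here also report error code 25005, which makes Add, Edit and Delete failures hard to tell apart in logs.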
773 | |
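--- a/server/lib/data/datasetgroupsecurity.data.class.php
+++ b/server/lib/data/datasetgroupsecurity.data.class.php
@@ -0,0 +1,149 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
+
+class DataSetGroupSecurity extends Data
+{
+ public function __construct(database $db)
+ {
+ parent::__construct($db);
+ }
+
+ /**
+ * Links a Display Group to a Group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function Link($dataSetId, $groupId, $view, $edit, $del)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'Link');
+
+ $SQL = "";
+ $SQL .= "INSERT ";
+ $SQL .= "INTO lkdatasetgroup ";
+ $SQL .= " ( ";
+ $SQL .= " DataSetID, ";
+ $SQL .= " GroupID, ";
+ $SQL .= " View, ";
+ $SQL .= " Edit, ";
+ $SQL .= " Del ";
+ $SQL .= " ) ";
+ $SQL .= " VALUES ";
+ $SQL .= " ( ";
+ $SQL .= sprintf(" %d, %d, %d, %d, %d ", $dataSetId, $groupId, $view, $edit, $del);
+ $SQL .= " )";
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25024, __('Could not Link DataSet to Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'DataSetGroupSecurity', 'Link');
+
+ return true;
+ }
+
+ /**
+ * Links everyone to the layout specified
+ * @param <type> $layoutId
+ * @param <type> $view
+ * @param <type> $edit
+ * @param <type> $del
+ * @return <type>
+ */
+ public function LinkEveryone($dataSetId, $view, $edit, $del)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'LinkEveryone');
+
+ $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
+
+ return $this->Link($dataSetId, $groupId, $view, $edit, $del);
+ }
+
+ /**
+ * Unlinks a display group from a group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function Unlink($dataSetId, $groupId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'Unlink');
+
+ $SQL = "";
+ $SQL .= "DELETE FROM ";
+ $SQL .= " lkdatasetgroup ";
+ $SQL .= sprintf(" WHERE DataSetID = %d AND GroupID = %d ", $dataSetId, $groupId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25025, __('Could not Unlink DataSet from Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'DataSetGroupSecurity', 'Unlink');
+
+ return true;
+ }
+
+ /**
+ * Unlinks a display group from a group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function UnlinkAll($dataSetId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'Unlink');
+
+ $SQL = "";
+ $SQL .= "DELETE FROM ";
+ $SQL .= " lkdatasetgroup ";
+ $SQL .= sprintf(" WHERE DataSetID = %d ", $dataSetId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25025, __('Could not Unlink DataSet from Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'DataSetGroupSecurity', 'Unlink');
+
+ return true;
+ }
+}
+?>
\ No newline at end of file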
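Review bot: LinkEveryone() hands the result of `GetSingleValue(...)` straight to Link() without checking it, so if the `IsEveryone` lookup finds nothing, the `%d` format presumably turns the failure value into `0` and a permission row is written for a group that does not exist while the method still returns true. A guard before the call, for example `if ($groupId === false) return $this->SetError(25024, __('Could not Link DataSet to Group'));`, would surface that; confirm what GetSingleValue returns on failure, since it is defined outside this diff. The docblocks are copied from another class: they describe display groups and `$displayGroupID` / `$layoutId` parameters these methods do not take, and UnlinkAll() writes its audit entries under 'Unlink'. layoutgroupsecurity, layoutmediagroupsecurity and layoutregiongroupsecurity.data.class.php carry the same unchecked lookup and the same docblocks.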
928 | |
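--- a/server/lib/data/layout.data.class.php
+++ b/server/lib/data/layout.data.class.php
@@ -29,13 +29,12 @@
 * Add a layout
 * @param <type> $layout
 * @param <type> $description
- * @param <type> $permissionid
 * @param <type> $tags
 * @param <type> $userid
 * @param <type> $templateId
 * @return <type>
 */
- public function Add($layout, $description, $permissionid, $tags, $userid, $templateId)
+ public function Add($layout, $description, $tags, $userid, $templateId)
 {
 $db =& $this->db;
 $currentdate = date("Y-m-d H:i:s");
@@ -75,17 +74,17 @@
 Debug::LogEntry($db, 'audit', 'Validation Compelte', 'Layout', 'Add');
 
 // Get the XML for this template.
- $templateXml = $this->GetTemplateXml($templateId);
+ $templateXml = $this->GetTemplateXml($templateId, $userid);
 
 Debug::LogEntry($db, 'audit', 'Retrieved template xml', 'Layout', 'Add');
 
 $SQL = <<<END
- INSERT INTO layout (layout, description, userID, permissionID, createdDT, modifiedDT, tags, xml)
- VALUES ('%s', '%s', %d, %d, '%s', '%s', '%s', '%s')
+ INSERT INTO layout (layout, description, userID, createdDT, modifiedDT, tags, xml)
+ VALUES ('%s', '%s', %d, %d, '%s', '%s', '%s')
 END;
 
 $SQL = sprintf($SQL, $db->escape_string($layout),
- $db->escape_string($description), $userid, $permissionid,
+ $db->escape_string($description), $userid,
 $db->escape_string($currentdate),
 $db->escape_string($currentdate),
 $db->escape_string($tags),
@@ -124,7 +123,7 @@
 * Gets the XML for the specified template id
 * @param <type> $templateId
 */
- private function GetTemplateXml($templateId)
+ private function GetTemplateXml($templateId, $userId)
 {
 $db =& $this->db;
 
@@ -149,7 +148,16 @@
 if (!$row = $db->GetSingleRow(sprintf("SELECT xml FROM template WHERE templateID = %d ", $templateId)))
 trigger_error(__('Error getting this template.'), E_USER_ERROR);
 
- $xml = $row['xml'];
+ $xmlDoc = new DOMDocument("1.0");
+ $xmlDoc->loadXML($row['xml']);
+
+ $regionNodeList = $xmlDoc->getElementsByTagName('region');
+
+ //get the regions
+ foreach ($regionNodeList as $region)
+ $region->setAttribute('userId', $userId);
+
+ $xml = $xmlDoc->saveXML();
 }
 
 return $xml;
@@ -348,8 +356,8 @@
 
 // The Layout ID is the old layout
 $SQL = "";
- $SQL .= " INSERT INTO layout (layout, permissionID, xml, userID, description, tags, templateID, retired, duration, background, createdDT, modifiedDT) ";
- $SQL .= " SELECT '%s', permissionID, xml, %d, description, tags, templateID, retired, duration, background, '%s', '%s' ";
+ $SQL .= " INSERT INTO layout (layout, xml, userID, description, tags, templateID, retired, duration, background, createdDT, modifiedDT) ";
+ $SQL .= " SELECT '%s', xml, %d, description, tags, templateID, retired, duration, background, '%s', '%s' ";
 $SQL .= " FROM layout ";
 $SQL .= " WHERE layoutid = %d";
 $SQL = sprintf($SQL, $db->escape_string($newLayoutName), $userId, $db->escape_string($currentdate), $db->escape_string($currentdate), $oldLayoutId);
@@ -427,6 +435,9 @@
 $db =& $this->db;
 
 // Remove all LK records for this layout
+ $db->query(sprintf('DELETE FROM lklayoutgroup WHERE layoutid = %d', $layoutId));
+ $db->query(sprintf('DELETE FROM lklayoutmediagroup WHERE layoutid = %d', $layoutId));
+ $db->query(sprintf('DELETE FROM lklayoutregiongroup WHERE layoutid = %d', $layoutId));
 $db->query(sprintf('DELETE FROM lklayoutmedia WHERE layoutid = %d', $layoutId));
 
 // Remove the Layout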
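Review bot: In the `@@ -75,17 +74,17 @@` hunk the new VALUES line drops a `'%s'` rather than the `%d` that belonged to `permissionID`, leaving `('%s', '%s', %d, %d, '%s', '%s', '%s')` against the columns layout, description, userID, createdDT, modifiedDT, tags, xml. `createdDT` is therefore formatted with `%d` and receives only the leading integer of `$currentdate` (the year) instead of the quoted timestamp. The line should read `VALUES ('%s', '%s', %d, '%s', '%s', '%s', '%s')`. The sprintf argument list runs past the end of the hunk, so the final `xml` argument is assumed to be unchanged.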
1017 | |
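--- a/server/lib/data/layoutgroupsecurity.data.class.php
+++ b/server/lib/data/layoutgroupsecurity.data.class.php
@@ -0,0 +1,149 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
+
+class LayoutGroupSecurity extends Data
+{
+ public function __construct(database $db)
+ {
+ parent::__construct($db);
+ }
+
+ /**
+ * Links a Display Group to a Group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function Link($layoutId, $groupId, $view, $edit, $del)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'Link');
+
+ $SQL = "";
+ $SQL .= "INSERT ";
+ $SQL .= "INTO lklayoutgroup ";
+ $SQL .= " ( ";
+ $SQL .= " LayoutID, ";
+ $SQL .= " GroupID, ";
+ $SQL .= " View, ";
+ $SQL .= " Edit, ";
+ $SQL .= " Del ";
+ $SQL .= " ) ";
+ $SQL .= " VALUES ";
+ $SQL .= " ( ";
+ $SQL .= sprintf(" %d, %d, %d, %d, %d ", $layoutId, $groupId, $view, $edit, $del);
+ $SQL .= " )";
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25024, __('Could not Link Layout to Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'LayoutGroupSecurity', 'Link');
+
+ return true;
+ }
+
+ /**
+ * Links everyone to the layout specified
+ * @param <type> $layoutId
+ * @param <type> $view
+ * @param <type> $edit
+ * @param <type> $del
+ * @return <type>
+ */
+ public function LinkEveryone($layoutId, $view, $edit, $del)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'LinkEveryone');
+
+ $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
+
+ return $this->Link($layoutId, $groupId, $view, $edit, $del);
+ }
+
+ /**
+ * Unlinks a display group from a group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function Unlink($layoutId, $groupId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'Unlink');
+
+ $SQL = "";
+ $SQL .= "DELETE FROM ";
+ $SQL .= " lklayoutgroup ";
+ $SQL .= sprintf(" WHERE LayoutID = %d AND GroupID = %d ", $layoutId, $groupId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25025, __('Could not Unlink Layout from Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'LayoutGroupSecurity', 'Unlink');
+
+ return true;
+ }
+
+ /**
+ * Unlinks a display group from a group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function UnlinkAll($layoutId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'Unlink');
+
+ $SQL = "";
+ $SQL .= "DELETE FROM ";
+ $SQL .= " lklayoutgroup ";
+ $SQL .= sprintf(" WHERE LayoutID = %d ", $layoutId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25025, __('Could not Unlink Layout from Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'LayoutGroupSecurity', 'Unlink');
+
+ return true;
+ }
+}
+?>
\ No newline at end of file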
1172 | |
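--- a/server/lib/data/layoutmediagroupsecurity.data.class.php
+++ b/server/lib/data/layoutmediagroupsecurity.data.class.php
@@ -0,0 +1,194 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
+
+class LayoutMediaGroupSecurity extends Data
+{
+ public function __construct(database $db)
+ {
+ parent::__construct($db);
+ }
+
+ /**
+ * Links a Display Group to a Group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function Link($layoutId, $regionId, $mediaId, $groupId, $view, $edit, $del)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Link');
+
+ $SQL = "";
+ $SQL .= "INSERT ";
+ $SQL .= "INTO lklayoutmediagroup ";
+ $SQL .= " ( ";
+ $SQL .= " LayoutID, ";
+ $SQL .= " RegionID, ";
+ $SQL .= " MediaID, ";
+ $SQL .= " GroupID, ";
+ $SQL .= " View, ";
+ $SQL .= " Edit, ";
+ $SQL .= " Del ";
+ $SQL .= " ) ";
+ $SQL .= " VALUES ";
+ $SQL .= " ( ";
+ $SQL .= sprintf(" %d, '%s', '%s', %d, %d, %d, %d ", $layoutId, $regionId, $mediaId, $groupId, $view, $edit, $del);
+ $SQL .= " )";
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25026, __('Could not Link Layout Media to Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'LayoutMediaGroupSecurity', 'Link');
+
+ return true;
+ }
+
+ /**
+ * Links everyone to the layout specified
+ * @param <type> $layoutId
+ * @param <type> $view
+ * @param <type> $edit
+ * @param <type> $del
+ * @return <type>
+ */
+ public function LinkEveryone($layoutId, $regionId, $mediaId, $view, $edit, $del)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'LinkEveryone');
+
+ $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
+
+ return $this->Link($layoutId, $regionId, $mediaId, $groupId, $view, $edit, $del);
+ }
+
+ /**
+ * Unlinks a display group from a group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function Unlink($layoutId, $regionId, $mediaId, $groupId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Unlink');
+
+ $SQL = "";
+ $SQL .= "DELETE FROM ";
+ $SQL .= " lklayoutmediagroup ";
+ $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' AND MediaID = '%s' AND GroupID = %d ", $layoutId, $regionId, $mediaId, $groupId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25027, __('Could not Unlink Layout Media from Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'LayoutMediaGroupSecurity', 'Unlink');
+
+ return true;
+ }
+
+ /**
+ * Unlinks a display group from a group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function UnlinkAll($layoutId, $regionId, $mediaId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Unlink');
+
+ $SQL = "";
+ $SQL .= "DELETE FROM ";
+ $SQL .= " lklayoutmediagroup ";
+ $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' AND MediaID = '%s' ", $layoutId, $regionId, $mediaId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25028, __('Could not Unlink Layout Media from Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'LayoutMediaGroupSecurity', 'Unlink');
+
+ return true;
+ }
+
+ /**
+ * Copies a media items permissions
+ * @param <type> $layoutId
+ * @param <type> $regionId
+ * @param <type> $mediaId
+ * @param <type> $newMediaId
+ * @return <type>
+ */
+ public function Copy($layoutId, $regionId, $mediaId, $newMediaId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Copy');
+
+ $SQL = "";
+ $SQL .= "INSERT ";
+ $SQL .= "INTO lklayoutmediagroup ";
+ $SQL .= " ( ";
+ $SQL .= " LayoutID, ";
+ $SQL .= " RegionID, ";
+ $SQL .= " MediaID, ";
+ $SQL .= " GroupID, ";
+ $SQL .= " View, ";
+ $SQL .= " Edit, ";
+ $SQL .= " Del ";
+ $SQL .= " ) ";
+ $SQL .= " SELECT LayoutID, RegionID, '%s', GroupID, View, Edit, Del ";
+ $SQL .= " FROM lklayoutmediagroup ";
+ $SQL .= " WHERE LayoutID = %d AND RegionID = '%s' AND MediaID = '%s' ";
+
+ $SQL = sprintf($SQL, $newMediaId, $layoutId, $regionId, $mediaId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25028, __('Could not Copy Layout Media Security'));
+
+ return false;
+ }
+
+ return true;
+ }
+}
+?>
\ No newline at end of file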
1372 | |
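--- a/server/lib/data/layoutregiongroupsecurity.data.class.php
+++ b/server/lib/data/layoutregiongroupsecurity.data.class.php
@@ -0,0 +1,150 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
+
+class LayoutRegionGroupSecurity extends Data
+{
+ public function __construct(database $db)
+ {
+ parent::__construct($db);
+ }
+
+ /**
+ * Links a Display Group to a Group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function Link($layoutId, $regionId, $groupId, $view, $edit, $del)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutRegionGroupSecurity', 'Link');
+
+ $SQL = "";
+ $SQL .= "INSERT ";
+ $SQL .= "INTO lklayoutregiongroup ";
+ $SQL .= " ( ";
+ $SQL .= " LayoutID, ";
+ $SQL .= " RegionID, ";
+ $SQL .= " GroupID, ";
+ $SQL .= " View, ";
+ $SQL .= " Edit, ";
+ $SQL .= " Del ";
+ $SQL .= " ) ";
+ $SQL .= " VALUES ";
+ $SQL .= " ( ";
+ $SQL .= sprintf(" %d, '%s', '%s', %d, %d, %d ", $layoutId, $regionId, $groupId, $view, $edit, $del);
+ $SQL .= " )";
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25026, __('Could not Link Layout Region to Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'LayoutRegionGroupSecurity', 'Link');
+
+ return true;
+ }
+
+ /**
+ * Links everyone to the layout specified
+ * @param <type> $layoutId
+ * @param <type> $view
+ * @param <type> $edit
+ * @param <type> $del
+ * @return <type>
+ */
+ public function LinkEveryone($layoutId, $regionId, $view, $edit, $del)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'LinkEveryone');
+
+ $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
+
+ return $this->Link($layoutId, $regionId, $groupId, $view, $edit, $del);
+ }
+
+ /**
+ * Unlinks a display group from a group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function Unlink($layoutId, $regionId, $groupId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutRegionGroupSecurity', 'Unlink');
+
+ $SQL = "";
+ $SQL .= "DELETE FROM ";
+ $SQL .= " lklayoutregiongroup ";
+ $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' AND GroupID = %d ", $layoutId, $regionId, $groupId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25027, __('Could not Unlink Layout Region from Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'LayoutRegionGroupSecurity', 'Unlink');
+
+ return true;
+ }
+
+ /**
+ * Unlinks a display group from a group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function UnlinkAll($layoutId, $regionId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'LayoutRegionGroupSecurity', 'Unlink');
+
+ $SQL = "";
+ $SQL .= "DELETE FROM ";
+ $SQL .= " lklayoutregiongroup ";
+ $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' ", $layoutId, $regionId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25028, __('Could not Unlink Layout Region from Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'LayoutRegionGroupSecurity', 'Unlink');
+
+ return true;
+ }
+}
+?>
\ No newline at end of file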
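Review bot: Link() formats `$groupId` with a quoted `'%s'` (`sprintf(" %d, '%s', '%s', %d, %d, %d ", ...)`), whereas Unlink() in this class and Link() in the sibling security classes use `%d` for the same column. That drops the integer coercion on a value written into a permissions table and leaves it as a second unescaped string next to `$regionId`; the format should be `" %d, '%s', %d, %d, %d, %d "`. LinkEveryone() also writes its audit entry under 'LayoutGroupSecurity' instead of 'LayoutRegionGroupSecurity', which will mislead anyone tracing region permission changes from the audit log.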
1528 | |
1529 | === modified file 'server/lib/data/media.data.class.php' |
1530 | --- server/lib/data/media.data.class.php 2011-05-14 10:14:52 +0000 |
1531 | +++ server/lib/data/media.data.class.php 2011-08-18 23:36:27 +0000 |
1532 | @@ -33,11 +33,10 @@ |
1533 | * @param <type> $name |
1534 | * @param <type> $duration |
1535 | * @param <type> $fileName |
1536 | - * @param <type> $permissionId |
1537 | * @param <type> $userId |
1538 | * @return <type> |
1539 | */ |
1540 | - public function Add($fileId, $type, $name, $duration, $fileName, $permissionId, $userId) |
1541 | + public function Add($fileId, $type, $name, $duration, $fileName, $userId) |
1542 | { |
1543 | $db =& $this->db; |
1544 | |
1545 | @@ -62,11 +61,11 @@ |
1546 | return $this->SetError(12, __('Media you own already has this name. Please choose another.')); |
1547 | |
1548 | // All OK to insert this record |
1549 | - $SQL = "INSERT INTO media (name, type, duration, originalFilename, permissionID, userID, retired ) "; |
1550 | - $SQL .= "VALUES ('%s', '%s', '%s', '%s', %d, %d, 0) "; |
1551 | + $SQL = "INSERT INTO media (name, type, duration, originalFilename, userID, retired ) "; |
1552 | + $SQL .= "VALUES ('%s', '%s', '%s', '%s', %d, 0) "; |
1553 | |
1554 | $SQL = sprintf($SQL, $db->escape_string($name), $db->escape_string($type), |
1555 | - $db->escape_string($duration), $db->escape_string($fileName), $permissionId, $userId); |
1556 | + $db->escape_string($duration), $db->escape_string($fileName), $userId); |
1557 | |
1558 | if (!$mediaId = $db->insert_query($SQL)) |
1559 | { |
1560 | @@ -111,10 +110,9 @@ |
1561 | * @param <type> $mediaId |
1562 | * @param <type> $name |
1563 | * @param <type> $duration |
1564 | - * @param <type> $permissionId |
1565 | * @return <bool> |
1566 | */ |
1567 | - public function Edit($mediaId, $name, $duration, $permissionId, $userId) |
1568 | + public function Edit($mediaId, $name, $duration, $userId) |
1569 | { |
1570 | $db =& $this->db; |
1571 | |
1572 | @@ -128,8 +126,8 @@ |
1573 | if ($db->GetSingleRow(sprintf("SELECT name FROM media WHERE name = '%s' AND userid = %d", $db->escape_string($name), $userId))) |
1574 | return $this->SetError(12, __('Media you own already has this name. Please choose another.')); |
1575 | |
1576 | - $SQL = "UPDATE media SET name = '%s', duration = %d, permissionID = %d WHERE MediaID = %d"; |
1577 | - $SQL = sprintf($SQL, $db->escape_string($name), $duration, $permissionId, $mediaId); |
1578 | + $SQL = "UPDATE media SET name = '%s', duration = %d WHERE MediaID = %d"; |
1579 | + $SQL = sprintf($SQL, $db->escape_string($name), $duration, $mediaId); |
1580 | |
1581 | if (!$db->query($SQL)) |
1582 | { |
1583 | @@ -153,7 +151,7 @@ |
1584 | // Call add with this file Id and then update the existing mediaId with the returned mediaId |
1585 | // from the add call. |
1586 | // Will need to get some information about the existing media record first. |
1587 | - $SQL = "SELECT name, duration, permissionId, UserID, type FROM media WHERE MediaID = %d"; |
1588 | + $SQL = "SELECT name, duration, UserID, type FROM media WHERE MediaID = %d"; |
1589 | $SQL = sprintf($SQL, $mediaId); |
1590 | |
1591 | if (!$row = $db->GetSingleRow($SQL)) |
1592 | @@ -162,7 +160,7 @@ |
1593 | return $this->SetError(31, 'Unable to get information about existing media record.'); |
1594 | } |
1595 | |
1596 | - if (!$newMediaId = $this->Add($fileId, $row['type'], $row['name'], $row['duration'], $fileName, $row['permissionId'], $row['UserID'])) |
1597 | + if (!$newMediaId = $this->Add($fileId, $row['type'], $row['name'], $row['duration'], $fileName, $row['UserID'])) |
1598 | return false; |
1599 | |
1600 | // Update the existing record with the new record's id |
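Review bot: The replacement record created by `Add()` here receives no group permissions in the visible code. Previously `permissionId` travelled with the row, and nothing in this hunk carries the old record's `lkmediagroup` rows over to `$newMediaId`. `MediaGroupSecurity::Copy($mediaId, $newMediaId)`, added in this merge, looks intended for exactly that; if the caller does not already do it, call it once `Add()` has succeeded, e.g. `$security = new MediaGroupSecurity($db);` followed by `$security->Copy($mediaId, $newMediaId);`. The enclosing method starts and continues outside the hunk, so this may already be handled there.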
1601 | |
1602 | === added file 'server/lib/data/mediagroupsecurity.data.class.php' |
1603 | --- server/lib/data/mediagroupsecurity.data.class.php 1970-01-01 00:00:00 +0000 |
1604 | +++ server/lib/data/mediagroupsecurity.data.class.php 2011-08-18 23:36:27 +0000 |
1605 | @@ -0,0 +1,188 @@ |
1606 | +<?php |
1607 | +/* |
1608 | + * Xibo - Digitial Signage - http://www.xibo.org.uk |
1609 | + * Copyright (C) 2011 Daniel Garner |
1610 | + * |
1611 | + * This file is part of Xibo. |
1612 | + * |
1613 | + * Xibo is free software: you can redistribute it and/or modify |
1614 | + * it under the terms of the GNU Affero General Public License as published by |
1615 | + * the Free Software Foundation, either version 3 of the License, or |
1616 | + * any later version. |
1617 | + * |
1618 | + * Xibo is distributed in the hope that it will be useful, |
1619 | + * but WITHOUT ANY WARRANTY; without even the implied warranty of |
1620 | + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
1621 | + * GNU Affero General Public License for more details. |
1622 | + * |
1623 | + * You should have received a copy of the GNU Affero General Public License |
1624 | + * along with Xibo. If not, see <http://www.gnu.org/licenses/>. |
1625 | + */ |
1626 | +defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.'); |
1627 | + |
1628 | +class MediaGroupSecurity extends Data |
1629 | +{ |
1630 | + public function __construct(database $db) |
1631 | + { |
1632 | + parent::__construct($db); |
1633 | + } |
1634 | + |
1635 | + /** |
1636 | + * Links a Display Group to a Group |
1637 | + * @return |
1638 | + * @param $displayGroupID Object |
1639 | + * @param $groupID Object |
1640 | + */ |
1641 | + public function Link($mediaId, $groupId, $view, $edit, $del) |
1642 | + { |
1643 | + $db =& $this->db; |
1644 | + |
1645 | + Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Link'); |
1646 | + |
1647 | + $SQL = ""; |
1648 | + $SQL .= "INSERT "; |
1649 | + $SQL .= "INTO lkmediagroup "; |
1650 | + $SQL .= " ( "; |
1651 | + $SQL .= " MediaID, "; |
1652 | + $SQL .= " GroupID, "; |
1653 | + $SQL .= " View, "; |
1654 | + $SQL .= " Edit, "; |
1655 | + $SQL .= " Del "; |
1656 | + $SQL .= " ) "; |
1657 | + $SQL .= " VALUES "; |
1658 | + $SQL .= " ( "; |
1659 | + $SQL .= sprintf(" %d, %d, %d, %d, %d ", $mediaId, $groupId, $view, $edit, $del); |
1660 | + $SQL .= " )"; |
1661 | + |
1662 | + if (!$db->query($SQL)) |
1663 | + { |
1664 | + trigger_error($db->error()); |
1665 | + $this->SetError(25026, __('Could not Link Media to Group')); |
1666 | + |
1667 | + return false; |
1668 | + } |
1669 | + |
1670 | + Debug::LogEntry($db, 'audit', 'OUT', 'MediaGroupSecurity', 'Link'); |
1671 | + |
1672 | + return true; |
1673 | + } |
1674 | + |
1675 | + /** |
1676 | + * Links everyone to the layout specified |
1677 | + * @param <type> $layoutId |
1678 | + * @param <type> $view |
1679 | + * @param <type> $edit |
1680 | + * @param <type> $del |
1681 | + * @return <type> |
1682 | + */ |
1683 | + public function LinkEveryone($mediaId, $view, $edit, $del) |
1684 | + { |
1685 | + $db =& $this->db; |
1686 | + |
1687 | + Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'LinkEveryone'); |
1688 | + |
1689 | + $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT); |
1690 | + |
1691 | + return $this->Link($mediaId, $groupId, $view, $edit, $del); |
1692 | + } |
1693 | + |
1694 | + /** |
1695 | + * Unlinks a display group from a group |
1696 | + * @return |
1697 | + * @param $displayGroupID Object |
1698 | + * @param $groupID Object |
1699 | + */ |
1700 | + public function Unlink($mediaId, $groupId) |
1701 | + { |
1702 | + $db =& $this->db; |
1703 | + |
1704 | + Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Unlink'); |
1705 | + |
1706 | + $SQL = ""; |
1707 | + $SQL .= "DELETE FROM "; |
1708 | + $SQL .= " lkmediagroup "; |
1709 | + $SQL .= sprintf(" WHERE MediaID = %d AND GroupID = %d ", $mediaId, $groupId); |
1710 | + |
1711 | + if (!$db->query($SQL)) |
1712 | + { |
1713 | + trigger_error($db->error()); |
1714 | + $this->SetError(25027, __('Could not Unlink Layout from Group')); |
1715 | + |
1716 | + return false; |
1717 | + } |
1718 | + |
1719 | + Debug::LogEntry($db, 'audit', 'OUT', 'MediaGroupSecurity', 'Unlink'); |
1720 | + |
1721 | + return true; |
1722 | + } |
1723 | + |
1724 | + /** |
1725 | + * Unlinks a display group from a group |
1726 | + * @return |
1727 | + * @param $displayGroupID Object |
1728 | + * @param $groupID Object |
1729 | + */ |
1730 | + public function UnlinkAll($mediaId) |
1731 | + { |
1732 | + $db =& $this->db; |
1733 | + |
1734 | + Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Unlink'); |
1735 | + |
1736 | + $SQL = ""; |
1737 | + $SQL .= "DELETE FROM "; |
1738 | + $SQL .= " lkmediagroup "; |
1739 | + $SQL .= sprintf(" WHERE MediaID = %d ", $mediaId); |
1740 | + |
1741 | + if (!$db->query($SQL)) |
1742 | + { |
1743 | + trigger_error($db->error()); |
1744 | + $this->SetError(25028, __('Could not Unlink Media from Group')); |
1745 | + |
1746 | + return false; |
1747 | + } |
1748 | + |
1749 | + Debug::LogEntry($db, 'audit', 'OUT', 'MediaGroupSecurity', 'Unlink'); |
1750 | + |
1751 | + return true; |
1752 | + } |
1753 | + |
1754 | + /** |
1755 | + * Copies a media items permissions |
1756 | + * @param <type> $mediaId |
1757 | + * @param <type> $newMediaId |
1758 | + * @return <type> |
1759 | + */ |
1760 | + public function Copy($mediaId, $newMediaId) |
1761 | + { |
1762 | + $db =& $this->db; |
1763 | + |
1764 | + Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Copy'); |
1765 | + |
1766 | + $SQL = ""; |
1767 | + $SQL .= "INSERT "; |
1768 | + $SQL .= "INTO lkmediagroup "; |
1769 | + $SQL .= " ( "; |
1770 | + $SQL .= " MediaID, "; |
1771 | + $SQL .= " GroupID, "; |
1772 | + $SQL .= " View, "; |
1773 | + $SQL .= " Edit, "; |
1774 | + $SQL .= " Del "; |
1775 | + $SQL .= " ) "; |
1776 | + $SQL .= " SELECT '%s', GroupID, View, Edit, Del "; |
1777 | + $SQL .= " FROM lkmediagroup "; |
1778 | + $SQL .= " WHERE MediaID = '%s' "; |
1779 | + |
1780 | + $SQL = sprintf($SQL, $newMediaId, $mediaId); |
1781 | + |
1782 | + if (!$db->query($SQL)) |
1783 | + { |
1784 | + trigger_error($db->error()); |
1785 | + $this->SetError(25028, __('Could not Copy Layout Media Security')); |
1786 | + |
1787 | + return false; |
1788 | + } |
1789 | + |
1790 | + return true; |
1791 | + } |
1792 | +} |
1793 | +?> |
1794 | \ No newline at end of file |
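Review bot: `Copy()` builds its statement with quoted `'%s'` placeholders and passes `$newMediaId` and `$mediaId` to `sprintf` without `escape_string()`, whereas `Link`, `Unlink` and `UnlinkAll` in the same class all use `%d`. A non-integer value reaching either argument would therefore be placed into the SQL unchanged. Use the integer form here as well: `$SQL .= " SELECT %d, GroupID, View, Edit, Del ";` and `$SQL .= " WHERE MediaID = %d ";`. `Copy()` also reuses error code 25028 from `UnlinkAll`, and `LinkEveryone()` passes the result of `GetSingleValue` straight to `Link()` without checking that an "everyone" group was found.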
1795 | |
1796 | === modified file 'server/lib/data/schedule.data.class.php' |
1797 | --- server/lib/data/schedule.data.class.php 2011-02-13 17:08:55 +0000 |
1798 | +++ server/lib/data/schedule.data.class.php 2011-08-18 23:36:27 +0000 |
1799 | @@ -44,6 +44,8 @@ |
1800 | if (count($displayGroupIDs) == 0) |
1801 | return $this->SetError(25001, __('No display groups selected')); |
1802 | |
1803 | + if ($userID == 0) |
1804 | + return $this->SetError(25001, __('No User Id Present')); |
1805 | |
1806 | // Cant have a 0 increment as it creates a loop |
1807 | if ($recDetail == 0) |
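Review bot: The new guard reports a missing user with error code 25001, the same code the display-group check directly above it returns, so a caller or log reader cannot tell the two failures apart. Give it a code of its own, e.g. `return $this->SetError(<UNUSED_ERROR_CODE>, __('No User Id Present'));`. The enclosing method starts and ends outside the hunk.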
1808 | |
1809 | === added file 'server/lib/data/templategroupsecurity.data.class.php' |
1810 | --- server/lib/data/templategroupsecurity.data.class.php 1970-01-01 00:00:00 +0000 |
1811 | +++ server/lib/data/templategroupsecurity.data.class.php 2011-08-18 23:36:27 +0000 |
1812 | @@ -0,0 +1,130 @@ |
1813 | +<?php |
1814 | +/* |
1815 | + * Xibo - Digitial Signage - http://www.xibo.org.uk |
1816 | + * Copyright (C) 2011 Daniel Garner |
1817 | + * |
1818 | + * This file is part of Xibo. |
1819 | + * |
1820 | + * Xibo is free software: you can redistribute it and/or modify |
1821 | + * it under the terms of the GNU Affero General Public License as published by |
1822 | + * the Free Software Foundation, either version 3 of the License, or |
1823 | + * any later version. |
1824 | + * |
1825 | + * Xibo is distributed in the hope that it will be useful, |
1826 | + * but WITHOUT ANY WARRANTY; without even the implied warranty of |
1827 | + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
1828 | + * GNU Affero General Public License for more details. |
1829 | + * |
1830 | + * You should have received a copy of the GNU Affero General Public License |
1831 | + * along with Xibo. If not, see <http://www.gnu.org/licenses/>. |
1832 | + */ |
1833 | +defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.'); |
1834 | + |
1835 | +class TemplateGroupSecurity extends Data |
1836 | +{ |
1837 | + public function __construct(database $db) |
1838 | + { |
1839 | + parent::__construct($db); |
1840 | + } |
1841 | + |
1842 | + /** |
1843 | + * Links a Display Group to a Group |
1844 | + * @return |
1845 | + * @param $displayGroupID Object |
1846 | + * @param $groupID Object |
1847 | + */ |
1848 | + public function Link($templateId, $groupId, $view, $edit, $del) |
1849 | + { |
1850 | + $db =& $this->db; |
1851 | + |
1852 | + Debug::LogEntry($db, 'audit', 'IN', 'TemplateGroupSecurity', 'Link'); |
1853 | + |
1854 | + $SQL = ""; |
1855 | + $SQL .= "INSERT "; |
1856 | + $SQL .= "INTO lktemplategroup "; |
1857 | + $SQL .= " ( "; |
1858 | + $SQL .= " TemplateID, "; |
1859 | + $SQL .= " GroupID, "; |
1860 | + $SQL .= " View, "; |
1861 | + $SQL .= " Edit, "; |
1862 | + $SQL .= " Del "; |
1863 | + $SQL .= " ) "; |
1864 | + $SQL .= " VALUES "; |
1865 | + $SQL .= " ( "; |
1866 | + $SQL .= sprintf(" %d, %d, %d, %d, %d ", $templateId, $groupId, $view, $edit, $del); |
1867 | + $SQL .= " )"; |
1868 | + |
1869 | + if (!$db->query($SQL)) |
1870 | + { |
1871 | + trigger_error($db->error()); |
1872 | + $this->SetError(25024, __('Could not Link Template to Group')); |
1873 | + |
1874 | + return false; |
1875 | + } |
1876 | + |
1877 | + Debug::LogEntry($db, 'audit', 'OUT', 'TemplateGroupSecurity', 'Link'); |
1878 | + |
1879 | + return true; |
1880 | + } |
1881 | + |
1882 | + /** |
1883 | + * Unlinks a display group from a group |
1884 | + * @return |
1885 | + * @param $displayGroupID Object |
1886 | + * @param $groupID Object |
1887 | + */ |
1888 | + public function Unlink($templateId, $groupId) |
1889 | + { |
1890 | + $db =& $this->db; |
1891 | + |
1892 | + Debug::LogEntry($db, 'audit', 'IN', 'TemplateGroupSecurity', 'Unlink'); |
1893 | + |
1894 | + $SQL = ""; |
1895 | + $SQL .= "DELETE FROM "; |
1896 | + $SQL .= " lktemplategroup "; |
1897 | + $SQL .= sprintf(" WHERE TemplateID = %d AND GroupID = %d ", $templateId, $groupId); |
1898 | + |
1899 | + if (!$db->query($SQL)) |
1900 | + { |
1901 | + trigger_error($db->error()); |
1902 | + $this->SetError(25025, __('Could not Unlink Template from Group')); |
1903 | + |
1904 | + return false; |
1905 | + } |
1906 | + |
1907 | + Debug::LogEntry($db, 'audit', 'OUT', 'TemplateGroupSecurity', 'Unlink'); |
1908 | + |
1909 | + return true; |
1910 | + } |
1911 | + |
1912 | + /** |
1913 | + * Unlinks a display group from a group |
1914 | + * @return |
1915 | + * @param $displayGroupID Object |
1916 | + * @param $groupID Object |
1917 | + */ |
1918 | + public function UnlinkAll($templateId) |
1919 | + { |
1920 | + $db =& $this->db; |
1921 | + |
1922 | + Debug::LogEntry($db, 'audit', 'IN', 'TemplateGroupSecurity', 'Unlink'); |
1923 | + |
1924 | + $SQL = ""; |
1925 | + $SQL .= "DELETE FROM "; |
1926 | + $SQL .= " lktemplategroup "; |
1927 | + $SQL .= sprintf(" WHERE TemplateID = %d ", $templateId); |
1928 | + |
1929 | + if (!$db->query($SQL)) |
1930 | + { |
1931 | + trigger_error($db->error()); |
1932 | + $this->SetError(25025, __('Could not Unlink Template from Group')); |
1933 | + |
1934 | + return false; |
1935 | + } |
1936 | + |
1937 | + Debug::LogEntry($db, 'audit', 'OUT', 'TemplateGroupSecurity', 'Unlink'); |
1938 | + |
1939 | + return true; |
1940 | + } |
1941 | +} |
1942 | +?> |
1943 | \ No newline at end of file |
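Review bot: The docblocks in this class were carried over from a display-group class and no longer describe the code: each says "Display Group" and lists `$displayGroupID`/`$groupID`, while the methods take `$templateId`, `$groupId` and the `$view`/`$edit`/`$del` flags. `UnlinkAll()` also writes its audit entries under the method name `'Unlink'` and reuses error code 25025, so an audit trail cannot distinguish removing one group's permission from removing all of them; log it as `Debug::LogEntry($db, 'audit', 'IN', 'TemplateGroupSecurity', 'UnlinkAll');` and likewise for the `'OUT'` entry. The same docblock and audit-tag pattern appears in `MediaGroupSecurity` earlier in this merge.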
1944 | |
1945 | === modified file 'server/lib/include.php' |
1946 | --- server/lib/include.php 2011-06-05 16:17:41 +0000 |
1947 | +++ server/lib/include.php 2011-08-18 23:36:27 +0000 |
1948 | @@ -32,6 +32,7 @@ |
1949 | require_once("lib/app/pagemanager.class.php"); |
1950 | require_once("lib/app/menumanager.class.php"); |
1951 | require_once("lib/app/modulemanager.class.php"); |
1952 | +require_once("lib/app/permissionmanager.class.php"); |
1953 | require_once("lib/app/formmanager.class.php"); |
1954 | require_once("lib/app/helpmanager.class.php"); |
1955 | require_once("lib/app/responsemanager.class.php"); |
1956 | |
1957 | === modified file 'server/lib/js/core.js' |
1958 | --- server/lib/js/core.js 2010-08-01 10:45:26 +0000 |
1959 | +++ server/lib/js/core.js 2011-08-18 23:36:27 +0000 |
1960 | @@ -24,7 +24,7 @@ |
1961 | $('#system_message').dialog({ |
1962 | title: "Application Message", |
1963 | width: "320", |
1964 | - height: "120", |
1965 | + height: "220", |
1966 | draggable: false, |
1967 | resizable: false, |
1968 | bgiframe: true, |
1969 | @@ -299,6 +299,14 @@ |
1970 | $('input[type=text]', '#div_dialog').eq(0).focus(); |
1971 | } |
1972 | |
1973 | + if (response.appendHiddenSubmit) { |
1974 | + var hiddenField = '<input type="submit" style="display:none" />'; |
1975 | + |
1976 | + if ($("input[type=submit]", "#div_dialog").length == 0) { |
1977 | + $("form", "#div_dialog").append('<input type="submit" style="display:none" />'); |
1978 | + } |
1979 | + } |
1980 | + |
1981 | // Call Xibo Init for this form |
1982 | XiboInitialise("#div_dialog"); |
1983 | } |
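Review bot: `hiddenField` is assigned in the added block but never read, because the `append` call two lines later repeats the same markup literal. Use the variable so the markup is defined once: `$("form", "#div_dialog").append(hiddenField);`. The enclosing function starts and ends outside the hunk.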
1984 | @@ -410,8 +418,9 @@ |
1985 | } |
1986 | |
1987 | // Should we display the message? |
1988 | - if (!response.hideMessage || response.message != '') { |
1989 | - SystemMessage(response.message); |
1990 | + if (!response.hideMessage) { |
1991 | + if (response.message != '') |
1992 | + SystemMessage(response.message); |
1993 | } |
1994 | |
1995 | // Do we need to fire a callback function? |
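Review bot: The inner test `response.message != ''` is still true when `message` is `undefined` or `null`, so a response without a message field reaches `SystemMessage` with no text. A truthiness check covers both cases and removes the nesting: `if (!response.hideMessage && response.message) SystemMessage(response.message);`. The enclosing function starts and ends outside the hunk.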
1996 | |
1997 | === added file 'server/lib/js/dataset.js' |
1998 | --- server/lib/js/dataset.js 1970-01-01 00:00:00 +0000 |
1999 | +++ server/lib/js/dataset.js 2011-08-18 23:36:27 +0000 |
2000 | @@ -0,0 +1,69 @@ |
2001 | +/* |
2002 | + * Xibo - Digitial Signage - http://www.xibo.org.uk |
2003 | + * Copyright (C) 2011 Daniel Garner |
2004 | + * |
2005 | + * This file is part of Xibo. |
2006 | + * |
2007 | + * Xibo is free software: you can redistribute it and/or modify |
2008 | + * it under the terms of the GNU Affero General Public License as published by |
2009 | + * the Free Software Foundation, either version 3 of the License, or |
2010 | + * any later version. |
2011 | + * |
2012 | + * Xibo is distributed in the hope that it will be useful, |
2013 | + * but WITHOUT ANY WARRANTY; without even the implied warranty of |
2014 | + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
2015 | + * GNU Affero General Public License for more details. |
2016 | + * |
2017 | + * You should have received a copy of the GNU Affero General Public License |
2018 | + * along with Xibo. If not, see <http://www.gnu.org/licenses/>. |
2019 | + */ |
2020 | + |
2021 | +var dataSetData = function() { |
2022 | + $('.XiboDataSetDataForm').submit(function() { |
2023 | + return false; |
2024 | + }); |
2025 | + |
2026 | + $('.XiboDataSetDataForm input').change(XiboDataSetDataFormChange); |
2027 | + $('.XiboDataSetDataForm select').change(XiboDataSetDataFormChange); |
2028 | +} |
2029 | + |
2030 | +var XiboDataSetDataFormChange = function() { |
2031 | + // Submit this form using AJAX. |
2032 | + var url = $(this.form).attr("action") + "&ajax=true"; |
2033 | + |
2034 | + $.ajax({ |
2035 | + type:"post", |
2036 | + url:url, |
2037 | + cache:false, |
2038 | + dataType:"json", |
2039 | + data:$(this.form).serialize(), |
2040 | + success: XiboDataSetDataFormSubmitResponse |
2041 | + }); |
2042 | + |
2043 | + return false; |
2044 | +} |
2045 | + |
2046 | +var XiboDataSetDataFormSubmitResponse = function(response) { |
2047 | + |
2048 | + if (response.success) { |
2049 | + $('#' + response.uniqueReference).attr("action", response.loadFormUri); |
2050 | + } |
2051 | + else { |
2052 | + // Login Form needed? |
2053 | + if (response.login) { |
2054 | + LoginBox(response.message); |
2055 | + return false; |
2056 | + } |
2057 | + else { |
2058 | + // Just an error we dont know about |
2059 | + if (response.message == undefined) { |
2060 | + SystemMessage(response); |
2061 | + } |
2062 | + else { |
2063 | + SystemMessage(response.message); |
2064 | + } |
2065 | + } |
2066 | + } |
2067 | + |
2068 | + return false; |
2069 | +} |
2070 | \ No newline at end of file |
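Review bot: The `$.ajax` call in `XiboDataSetDataFormChange` has no `error` callback, so with `dataType:"json"` an HTTP failure or a non-JSON reply (for instance an HTML login page) is dropped silently and the user has no indication that the edit was not stored. Add one alongside `success`, e.g. `error: function(xhr, status) { SystemMessage(status); }`. In `XiboDataSetDataFormSubmitResponse` the fallback `SystemMessage(response)` passes the whole response object rather than a string. The URL is also built by appending `"&ajax=true"`, which assumes the form's `action` already carries a query string.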
2071 | |
2072 | === modified file 'server/lib/js/layout.js' |
2073 | --- server/lib/js/layout.js 2010-08-05 19:09:05 +0000 |
2074 | +++ server/lib/js/layout.js 2011-08-18 23:36:27 +0000 |
2075 | @@ -89,7 +89,7 @@ |
2076 | return false; //prevent submit |
2077 | } |
2078 | |
2079 | -function microblog_callback() |
2080 | +var microblog_callback = function() |
2081 | { |
2082 | // Conjure up a text editor |
2083 | $("#ta_template").ckeditor(); |
2084 | @@ -169,7 +169,7 @@ |
2085 | var layoutid = $(t).attr("layoutid"); |
2086 | var regionid = $(t).attr("regionid"); |
2087 | |
2088 | - XiboFormRender("index.php?p=user&q=SetUserHomepageForm&layoutid="+layoutid+"®ionid="+regionid); |
2089 | + XiboFormRender("index.php?p=layout&q=RegionPermissionsForm&layoutid="+layoutid+"®ionid="+regionid); |
2090 | } |
2091 | } |
2092 | }); |
2093 | @@ -195,7 +195,7 @@ |
2094 | |
2095 | |
2096 | // Preview |
2097 | - $('.region').each(function(){ |
2098 | + $('.regionPreview').each(function(){ |
2099 | new Preview(this); |
2100 | }); |
2101 | |
2102 | |
2103 | === modified file 'server/lib/js/mediamanager.js' |
2104 | --- server/lib/js/mediamanager.js 2009-12-31 11:38:50 +0000 |
2105 | +++ server/lib/js/mediamanager.js 2011-08-18 23:36:27 +0000 |
2106 | @@ -1,6 +1,6 @@ |
2107 | /* |
2108 | * Xibo - Digitial Signage - http://www.xibo.org.uk |
2109 | - * Copyright (C) 2006,2007,2008 Daniel Garner and James Packer |
2110 | + * Copyright (C) 2011 Daniel Garner |
2111 | * |
2112 | * This file is part of Xibo. |
2113 | * |
2114 | @@ -16,121 +16,69 @@ |
2115 | * |
2116 | * You should have received a copy of the GNU Affero General Public License |
2117 | * along with Xibo. If not, see <http://www.gnu.org/licenses/>. |
2118 | - */ |
2119 | -$(document).ready(function() { |
2120 | - |
2121 | -}); |
2122 | - |
2123 | -var exec_filter_callback = function() { |
2124 | - |
2125 | -} |
2126 | - |
2127 | -var submit_form_callback = function(outputDiv) { |
2128 | - |
2129 | - //Just refresh |
2130 | - //window.location = window.location.href; |
2131 | - |
2132 | - return false; |
2133 | -} |
2134 | - |
2135 | -var region_options_callback = function(outputDiv) |
2136 | -{ |
2137 | - set_form_size(830,450); |
2138 | - |
2139 | - //Get all the tooltip_hidden |
2140 | - $(".tooltip_hidden").parent().hover(function() |
2141 | - { |
2142 | - //Change the hidden div's content |
2143 | - $('#tooltip_hover').html($(".tooltip_hidden",this).html()).css("left",$(this).css("left")).show(); |
2144 | - }, function() |
2145 | - { |
2146 | - $('#tooltip_hover').hide(); |
2147 | - }); |
2148 | - |
2149 | - //Make the elements draggable |
2150 | - $(".timebar_ctl").draggable({ |
2151 | - containment: document.getElementById("timeline_ctl") |
2152 | - }); |
2153 | - |
2154 | - $(".mediabreak").droppable({ |
2155 | - accept: ".timebar_ctl", |
2156 | - drop: function(ev, ui) { |
2157 | - orderRegion(ui, this); |
2158 | - } |
2159 | - }); |
2160 | -} |
2161 | - |
2162 | -function orderRegion(timeBar, mediaBreak){ |
2163 | - var layoutid = $(timeBar.element.offsetParent).attr("layoutid"); |
2164 | - var regionid = $(timeBar.element.offsetParent).attr("regionid"); |
2165 | - var mediaid = $(timeBar.element).attr("mediaid"); |
2166 | - var sequence = $(mediaBreak).attr("breakid"); |
2167 | - |
2168 | - $.ajax({ |
2169 | - type: "post", |
2170 | - url: "index.php?p=layout&q=RegionOrder&layoutid=" + layoutid + "&callingpage=mediamanager&ajax=true", |
2171 | - cache: false, |
2172 | - datatype: "html", |
2173 | - data: { |
2174 | - "mediaid": mediaid, |
2175 | - "sequence": sequence, |
2176 | - "regionid": regionid |
2177 | - }, |
2178 | - success: function(transport){ |
2179 | - |
2180 | - var response = transport.split('|'); |
2181 | - |
2182 | - if (response[0] == '0') { |
2183 | - //success |
2184 | - //Post notice somewhere? |
2185 | - } |
2186 | - else |
2187 | - if (response[0] == '1') //failure |
2188 | - { |
2189 | - |
2190 | - alert(response[1]); |
2191 | - } |
2192 | - else |
2193 | - if (response[0] == '2') //login |
2194 | - { |
2195 | - alert("You need to login"); |
2196 | - } |
2197 | - else |
2198 | - if (response[0] == '3') { |
2199 | - window.location = response[1]; //redirect |
2200 | - } |
2201 | - else |
2202 | - if (response[0] == '6') //success, load form |
2203 | - { |
2204 | - //we need: uri, callback, onsubmit |
2205 | - var uri = response[1]; |
2206 | - var callback = response[2]; |
2207 | - var onsubmit = response[3]; |
2208 | - |
2209 | - load_form(uri, $('#div_dialog'), callback, onsubmit); |
2210 | - } |
2211 | - else { |
2212 | - alert("An unknown error occured"); |
2213 | - } |
2214 | - |
2215 | - return false; |
2216 | - } |
2217 | - }); |
2218 | -} |
2219 | - |
2220 | -function dialog_filter() { |
2221 | - exec_filter('stack_filter_form','dialog_grid'); |
2222 | - |
2223 | - return false; |
2224 | -} |
2225 | - |
2226 | -/** |
2227 | - * Handles the tRegionOptions trigger |
2228 | */ |
2229 | -function tRegionOptions() |
2230 | -{ |
2231 | - var regionid = gup("regionid"); |
2232 | - var layoutid = gup("layoutid"); |
2233 | - |
2234 | - load_form('index.php?p=layout&layoutid='+layoutid+'®ionid='+regionid+'&q=RegionOptions', $('#div_dialog'),'',region_options_callback); |
2235 | +var text_callback = function() |
2236 | +{ |
2237 | + // Conjure up a text editor |
2238 | + $("#ta_text").ckeditor(); |
2239 | + |
2240 | + // Make sure when we close the dialog we also destroy the editor |
2241 | + $("#div_dialog").bind("dialogclose.xibo", function(event, ui){ |
2242 | + $("#ta_text").ckeditorGet().destroy(); |
2243 | + $("#div_dialog").unbind("dialogclose.xibo"); |
2244 | + }) |
2245 | + |
2246 | + var regionid = $("#iRegionId").val(); |
2247 | + var width = $("#region_"+regionid).width(); |
2248 | + var height = $("#region_"+regionid).height(); |
2249 | + |
2250 | + // Min width |
2251 | + if (width < 800) width = 800; |
2252 | + |
2253 | + // Adjust the width and height |
2254 | + width = width + 80; |
2255 | + height = height + 295; |
2256 | + |
2257 | + $('#div_dialog').height(height+"px"); |
2258 | + $('#div_dialog').dialog('option', 'width', width); |
2259 | + $('#div_dialog').dialog('option', 'height', height); |
2260 | + $('#div_dialog').dialog('option', 'position', 'center'); |
2261 | + |
2262 | + return false; //prevent submit |
2263 | +} |
2264 | + |
2265 | +var microblog_callback = function() |
2266 | +{ |
2267 | + // Conjure up a text editor |
2268 | + $("#ta_template").ckeditor(); |
2269 | + $("#ta_nocontent").ckeditor(); |
2270 | + |
2271 | + // Make sure when we close the dialog we also destroy the editor |
2272 | + $("#div_dialog").bind("dialogclose.xibo", function(event, ui){ |
2273 | + $("#ta_template").ckeditorGet().destroy(); |
2274 | + $("#ta_nocontent").ckeditorGet().destroy(); |
2275 | + |
2276 | + $("#div_dialog").unbind("dialogclose.xibo"); |
2277 | + }) |
2278 | + |
2279 | + var regionid = $("#iRegionId").val(); |
2280 | + var width = $("#region_"+regionid).width(); |
2281 | + var height = $("#region_"+regionid).height(); |
2282 | + |
2283 | + //Min width |
2284 | + if (width < 800) width = 800; |
2285 | + height = height - 170; |
2286 | + |
2287 | + // Min height |
2288 | + if (height < 300) height = 300; |
2289 | + |
2290 | + width = width + 80; |
2291 | + height = height + 480; |
2292 | + |
2293 | + $('#div_dialog').height(height+"px"); |
2294 | + $('#div_dialog').dialog('option', 'width', width); |
2295 | + $('#div_dialog').dialog('option', 'height', height); |
2296 | + $('#div_dialog').dialog('option', 'position', 'center'); |
2297 | + |
2298 | + return false; //prevent submit |
2299 | } |
2300 | \ No newline at end of file |
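Review bot: `microblog_callback` is now defined as a global in this file as well as in layout.js (see the `-89,7` hunk there), and `text_callback` appears to be duplicated the same way. On a page that loads both scripts, whichever loads last silently replaces the other, and the two copies can drift apart. Keep a single definition in one shared script and add a header comment saying which forms use these callbacks. Both `.bind("dialogclose.xibo", …)` statements also end without a semicolon.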
2301 | |
2302 | === modified file 'server/lib/modules/module.class.php' |
2303 | --- server/lib/modules/module.class.php 2010-08-28 13:20:11 +0000 |
2304 | +++ server/lib/modules/module.class.php 2011-08-18 23:36:27 +0000 |
2305 | @@ -27,13 +27,15 @@ |
2306 | protected $user; |
2307 | protected $region; |
2308 | protected $response; |
2309 | + public $auth; |
2310 | + protected $type; |
2311 | + protected $displayType; |
2312 | |
2313 | protected $layoutid; |
2314 | protected $regionid; |
2315 | |
2316 | protected $mediaid; |
2317 | protected $name; |
2318 | - protected $type; |
2319 | private $schemaVersion; |
2320 | protected $regionSpecific; |
2321 | protected $duration; |
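Review bot: `$auth` is declared `public` while every other property in this block is `protected` or `private`, so any code holding a module instance can replace the permission object that `DeleteForm()` later consults via `$this->auth->del`. Unless external code really has to write it, declare it `protected $auth;` and expose a read-only accessor for callers that only need to inspect the permissions. The class declaration itself is outside the hunk.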
2322 | @@ -45,6 +47,9 @@ |
2323 | |
2324 | protected $existingMedia; |
2325 | protected $deleteFromRegion; |
2326 | + protected $showRegionOptions; |
2327 | + protected $originalUserId; |
2328 | + protected $assignedMedia; |
2329 | |
2330 | /** |
2331 | * Constructor - sets up this media object with all the available information |
2332 | @@ -73,12 +78,13 @@ |
2333 | |
2334 | $this->existingMedia = false; |
2335 | $this->deleteFromRegion = false; |
2336 | - $this->duration = ''; |
2337 | + $this->showRegionOptions = Kit::GetParam('showRegionOptions', _REQUEST, _INT, 1); |
2338 | + $this->duration = ''; |
2339 | |
2340 | // Determine which type this module is |
2341 | $this->SetModuleInformation(); |
2342 | |
2343 | - Debug::LogEntry($db, 'audit', 'New module created with MediaID: ' . $mediaid . ' LayoutID: ' . $layoutid . ' and RegionID: ' . $regionid); |
2344 | + Debug::LogEntry($db, 'audit', 'Module created with MediaID: ' . $mediaid . ' LayoutID: ' . $layoutid . ' and RegionID: ' . $regionid); |
2345 | |
2346 | // Either the information from the region - or some blanks |
2347 | $this->SetMediaInformation($this->layoutid, $this->regionid, $this->mediaid, $this->lkid); |
2348 | @@ -135,18 +141,20 @@ |
2349 | */ |
2350 | final private function SetMediaInformation($layoutid, $regionid, $mediaid, $lkid) |
2351 | { |
2352 | - $db =& $this->db; |
2353 | - $region =& $this->region; |
2354 | - $xmlDoc = new DOMDocument(); |
2355 | + $db =& $this->db; |
2356 | + $region =& $this->region; |
2357 | + $xmlDoc = new DOMDocument(); |
2358 | |
2359 | if ($this->mediaid != '' && $this->regionid != '' && $this->layoutid != '') |
2360 | { |
2361 | + // Existing media that is assigned to a layout |
2362 | $this->existingMedia = true; |
2363 | + $this->assignedMedia = true; |
2364 | |
2365 | // Set the layout Xml |
2366 | $layoutXml = $region->GetLayoutXml($layoutid); |
2367 | |
2368 | - Debug::LogEntry($db, 'audit', 'Layout XML retrieved: ' . $layoutXml); |
2369 | + //Debug::LogEntry($db, 'audit', 'Layout XML retrieved: ' . $layoutXml); |
2370 | |
2371 | $layoutDoc = new DOMDocument(); |
2372 | $layoutDoc->loadXML($layoutXml); |
2373 | @@ -173,10 +181,17 @@ |
2374 | |
2375 | // Get the LK id if we do not have one provided |
2376 | if ($lkid == '') |
2377 | - $this->lkid = $mediaNode->getAttribute('lkid'); |
2378 | + $this->lkid = $mediaNode->getAttribute('lkid'); |
2379 | + |
2380 | + $this->originalUserId = $mediaNode->getAttribute('userId'); |
2381 | + |
2382 | + // Make sure we have permissions |
2383 | + $this->auth = $this->user->MediaAssignmentAuth($this->originalUserId, $this->layoutid, $this->regionid, $this->mediaid, true); |
2384 | |
2385 | $mediaNode = $xmlDoc->importNode($mediaNode, true); |
2386 | $xmlDoc->documentElement->appendChild($mediaNode); |
2387 | + |
2388 | + Debug::LogEntry($db, 'audit', 'Existing Assigned Media XML is: \n ' . $xmlDoc->saveXML(), 'module', 'SetMediaInformation'); |
2389 | } |
2390 | else |
2391 | { |
2392 | @@ -186,9 +201,10 @@ |
2393 | // But this is some existing media |
2394 | // Therefore make sure we get the bare minimum! |
2395 | $this->existingMedia = true; |
2396 | + $this->assignedMedia = false; |
2397 | |
2398 | // Load what we know about this media into the object |
2399 | - $SQL = "SELECT duration, name FROM media WHERE mediaID = '$mediaid'"; |
2400 | + $SQL = "SELECT duration, name, UserId FROM media WHERE mediaID = '$mediaid'"; |
2401 | |
2402 | Debug::LogEntry($db, 'audit', $SQL, 'Module', 'SetMediaInformation'); |
2403 | |
2404 | @@ -199,15 +215,23 @@ |
2405 | |
2406 | if ($db->num_rows($result) != 0) |
2407 | { |
2408 | - $row = $db->get_row($result); |
2409 | - $this->duration = $row[0]; |
2410 | - $this->name = $row[1]; |
2411 | + $row = $db->get_row($result); |
2412 | + $this->duration = $row[0]; |
2413 | + $this->name = $row[1]; |
2414 | + $this->originalUserId = $row[2]; |
2415 | } |
2416 | + |
2417 | + $this->auth = $this->user->MediaAuth($this->mediaid, true); |
2418 | + } |
2419 | + else |
2420 | + { |
2421 | + // New assignment, therefore user and permissions are defaulted |
2422 | + $this->originalUserId = $this->user->userid; |
2423 | } |
2424 | |
2425 | $xml = <<<XML |
2426 | <root> |
2427 | - <media id="" type="$this->type" duration="" lkid="" schemaVersion="$this->schemaVersion"> |
2428 | + <media id="" type="$this->type" duration="" lkid="" userId="$this->originalUserId" schemaVersion="$this->schemaVersion"> |
2429 | <options /> |
2430 | <raw /> |
2431 | </media> |
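Review bot: `$this->auth` is assigned in the two existing-media branches but not in the added `else` branch for a new assignment, so the property stays unset on that path. `DeleteForm()` later dereferences it as `$this->auth->del`, and other methods may do the same, which on an unset property raises a notice and falls back to whatever a null read produces rather than to a deliberate decision. Initialise `$this->auth` in the `else` branch with the permission object the owner should get, or document that callers must not consult it for new media. `MediaAuth()` is also called when the lookup returned no row, and the row is read positionally (`$row[2]`), which breaks silently if the column list is reordered.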
2432 | @@ -217,9 +241,6 @@ |
2433 | } |
2434 | |
2435 | $this->xml = $xmlDoc; |
2436 | - |
2437 | - Debug::LogEntry($db, 'audit', 'XML is: ' . $this->xml->saveXML()); |
2438 | - |
2439 | return true; |
2440 | } |
2441 | |
2442 | @@ -257,6 +278,7 @@ |
2443 | $mediaNode->setAttribute('id', $this->mediaid); |
2444 | $mediaNode->setAttribute('duration', $this->duration); |
2445 | $mediaNode->setAttribute('type', $this->type); |
2446 | + $mediaNode->setAttribute('userId', $this->originalUserId); |
2447 | |
2448 | return $this->xml->saveXML($mediaNode); |
2449 | } |
2450 | @@ -439,37 +461,150 @@ |
2451 | */ |
2452 | public function DeleteForm() |
2453 | { |
2454 | - $db =& $this->db; |
2455 | - |
2456 | - //Parameters |
2457 | - $layoutid = $this->layoutid; |
2458 | - $regionid = $this->regionid; |
2459 | - $mediaid = $this->mediaid; |
2460 | - |
2461 | - // Messages |
2462 | - $msgTitle = __('Return to the Region Options'); |
2463 | - $msgWarn = __('Are you sure you want to remove this item from Xibo?'); |
2464 | - $msgWarnLost = __('It will be lost'); |
2465 | - |
2466 | - //we can delete |
2467 | - $form = <<<END |
2468 | - <form class="XiboForm" method="post" action="index.php?p=module&mod=text&q=Exec&method=DeleteMedia"> |
2469 | - <input type="hidden" name="mediaid" value="$mediaid"> |
2470 | - <input type="hidden" name="layoutid" value="$layoutid"> |
2471 | - <input type="hidden" name="regionid" value="$regionid"> |
2472 | - <p>$msgWarn <span class="required">$msgWarnLost</span>.</p> |
2473 | - <input id="btnSave" type="submit" value="Yes" /> |
2474 | - <input class="XiboFormButton" id="btnCancel" type="button" title="$msgTitle" href="index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions" value="No" /> |
2475 | - </form> |
2476 | -END; |
2477 | - |
2478 | - $this->response->html = $form; |
2479 | - $this->response->dialogTitle = __('Delete Item'); |
2480 | - $this->response->dialogSize = true; |
2481 | - $this->response->dialogWidth = '450px'; |
2482 | - $this->response->dialogHeight = '150px'; |
2483 | - |
2484 | - return $this->response; |
2485 | + $db =& $this->db; |
2486 | + $helpManager = new HelpManager($db, $this->user); |
2487 | + $this->response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link($this->type, 'Delete') . '")'); |
2488 | + |
2489 | + //Parameters |
2490 | + $layoutid = $this->layoutid; |
2491 | + $regionid = $this->regionid; |
2492 | + $mediaid = $this->mediaid; |
2493 | + $lkid = $this->lkid; |
2494 | + $userid = $this->user->userid; |
2495 | + |
2496 | + // Can this user delete? |
2497 | + if (!$this->auth->del) |
2498 | + { |
2499 | + $this->response->SetError('You do not have permission to delete this media.'); |
2500 | + $this->response->keepOpen = false; |
2501 | + return $this->response; |
2502 | + } |
2503 | + |
2504 | + // Messages |
2505 | + $msgTitle = __('Return to the Region Options'); |
2506 | + $msgWarn = __('Are you sure you want to remove this item from Xibo?'); |
2507 | + $msgWarnLost = __('It will be lost'); |
2508 | + $msgYes = __('Yes'); |
2509 | + $msgNo = __('No'); |
2510 | + |
2511 | + if ($this->regionSpecific) |
2512 | + { |
2513 | + $form = <<<END |
2514 | + <form id="MediaDeleteForm" class="XiboForm" method="post" action="index.php?p=module&mod=text&q=Exec&method=DeleteMedia"> |
2515 | + <input type="hidden" name="mediaid" value="$mediaid"> |
2516 | + <input type="hidden" name="layoutid" value="$layoutid"> |
2517 | + <input type="hidden" name="regionid" value="$regionid"> |
2518 | + <p>$msgWarn <span class="required">$msgWarnLost</span>.</p> |
2519 | + </form> |
2520 | +END; |
2521 | + $this->response->AddButton(__('No'), 'XiboFormRender("index.php?p=layout&layoutid=' . $layoutid . '®ionid=' . $regionid . '&q=RegionOptions")'); |
2522 | + $this->response->AddButton(__('Yes'), '$("#MediaDeleteForm").submit()'); |
2523 | + } |
2524 | + else |
2525 | + { |
2526 | + // This is for library based media |
2527 | + $options = ''; |
2528 | + |
2529 | + // Always have the abilty to unassign from the region |
2530 | + $options .= 'unassign|' . __('Unassign from this region only'); |
2531 | + |
2532 | + // Is this user allowed to edit this media? |
2533 | + if ($this->auth->edit) |
2534 | + { |
2535 | + // Load what we know about this media into the object |
2536 | + $SQL = "SELECT IFNULL(editedMediaID, 0) AS editedMediaID FROM media WHERE mediaID = $mediaid "; |
2537 | + $editedMediaID = $db->GetSingleValue($SQL, 'editedMediaID', _INT); |
2538 | + |
2539 | + if ($editedMediaID === false) |
2540 | + { |
2541 | + trigger_error($editedMediaID . $db->error()); |
2542 | + $this->response->SetError(__('Error querying for the Media information')); |
2543 | + $this->response->keepOpen = true; |
2544 | + return $this->response; |
2545 | + } |
2546 | + |
2547 | + $options .= ',retire|' . __('Unassign from this region and retire'); |
2548 | + |
2549 | + // Is this media retired? |
2550 | + $revised = false; |
2551 | + if ($editedMediaID != 0) |
2552 | + $revised = true; |
2553 | + |
2554 | + // Is this media being used anywhere else? |
2555 | + if ($layoutid == '') |
2556 | + { |
2557 | + $SQL = sprintf('SELECT layoutID FROM lklayoutmedia WHERE mediaID = %d ', $mediaid); |
2558 | + $options = ''; |
2559 | + } |
2560 | + else |
2561 | + { |
2562 | + $SQL = sprintf("SELECT layoutID FROM lklayoutmedia WHERE mediaID = %d AND layoutid <> %d AND regionID <> '%s' ", $mediaid, $layoutid, $regionid); |
2563 | + } |
2564 | + |
2565 | + if (!$results = $db->query($SQL)) |
2566 | + { |
2567 | + trigger_error($db->error()); |
2568 | + |
2569 | + $this->response->SetError(__('Cannot determine if this media has been used.')); |
2570 | + $this->response->keepOpen = true; |
2571 | + return $this->response; |
2572 | + } |
2573 | + |
2574 | + if ($db->num_rows($results) == 0 && !$revised) |
2575 | + { |
2576 | + $options .= ',delete|' . __('Delete this media'); |
2577 | + } |
2578 | + else |
2579 | + { |
2580 | + $options .= ',retire|' . __('Retire this media'); |
2581 | + } |
2582 | + } |
2583 | + else |
2584 | + { |
2585 | + // If this is the normal content page then say they cant edit, otherwise display the form with only the unassign option |
2586 | + if ($layoutid == '') |
2587 | + { |
2588 | + $this->response->SetError(__('You do not have permission to alter/delete this media.')); |
2589 | + $this->response->keepOpen = true; |
2590 | + return $this->response; |
2591 | + } |
2592 | + } |
2593 | + |
2594 | + $options = ltrim($options, ','); |
2595 | + |
2596 | + $deleteOptions = listcontent($options, 'options'); |
2597 | + |
2598 | + $msgWarn = __('Are you sure you want to delete this media?'); |
2599 | + $msgSelect = __('Please select from the following options'); |
2600 | + $msgCaution = __('Warning! You cannot undo this operation'); |
2601 | + |
2602 | + //we can delete |
2603 | + $form = <<<END |
2604 | + <form id="MediaDeleteForm" class="XiboForm" method="post" action="index.php?p=module&mod=$this->type&q=Exec&method=DeleteMedia"> |
2605 | + <input type="hidden" name="mediaid" value="$mediaid"> |
2606 | + <input type="hidden" name="lkid" value="$lkid"> |
2607 | + <input type="hidden" name="layoutid" value="$layoutid"> |
2608 | + <input type="hidden" name="regionid" value="$regionid"> |
2609 | + <p>$msgWarn</p> |
2610 | + <p>$msgSelect: $deleteOptions </p> |
2611 | + <p>$msgCaution</p> |
2612 | + </form> |
2613 | +END; |
2614 | + if ($layoutid == '') |
2615 | + $this->response->AddButton(__('No'), 'XiboDialogClose()'); |
2616 | + else |
2617 | + $this->response->AddButton(__('No'), 'XiboFormRender("index.php?p=layout&layoutid=' . $layoutid . '®ionid=' . $regionid . '&q=RegionOptions")'); |
2618 | + |
2619 | + $this->response->AddButton(__('Yes'), '$("#MediaDeleteForm").submit()'); |
2620 | + } |
2621 | + |
2622 | + $this->response->html = $form; |
2623 | + $this->response->dialogTitle = __('Delete Media'); |
2624 | + $this->response->dialogSize = true; |
2625 | + $this->response->dialogWidth = '450px'; |
2626 | + $this->response->dialogHeight = '280px'; |
2627 | + |
2628 | + return $this->response; |
2629 | } |
2630 | |
2631 | /** |
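Review bot: In the library-media branch of `DeleteForm()`, the first lookup interpolates `$mediaid` straight into the SQL string (`... WHERE mediaID = $mediaid`), and the usage check passes `$regionid` into a quoted `'%s'` without `$db->escape_string()`. Where `$this->mediaid` and `$this->regionid` are populated is outside this hunk, so their validation cannot be confirmed here; binding locally is cheap: `sprintf("SELECT IFNULL(editedMediaID, 0) AS editedMediaID FROM media WHERE mediaID = %d", $mediaid)` and `$db->escape_string($regionid)` for the region argument. The same `$mediaid` interpolation appears in the SELECT in `EditFormForLibraryMedia()` further down. Separately, `layoutid <> %d AND regionID <> '%s'` also excludes rows for other regions of the same layout, so the 'delete' option may be offered while the media is still assigned there; `NOT (layoutid = %d AND regionID = '%s')` looks like the intended condition.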
2632 | @@ -478,21 +613,93 @@ |
2633 | */ |
2634 | public function DeleteMedia() |
2635 | { |
2636 | - $db =& $this->db; |
2637 | - |
2638 | - $layoutid = $this->layoutid; |
2639 | - $regionid = $this->regionid; |
2640 | - |
2641 | - $url = "index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions"; |
2642 | - |
2643 | - $this->deleteFromRegion = true; |
2644 | - $this->UpdateRegion(); |
2645 | - |
2646 | - // We want to load a new form |
2647 | - $this->response->loadForm = true; |
2648 | - $this->response->loadFormUri= $url; |
2649 | - |
2650 | - return $this->response; |
2651 | + $db =& $this->db; |
2652 | + |
2653 | + $layoutid = $this->layoutid; |
2654 | + $regionid = $this->regionid; |
2655 | + $mediaid = $this->mediaid; |
2656 | + |
2657 | + $url = "index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions"; |
2658 | + |
2659 | + if (!$this->auth->del) |
2660 | + { |
2661 | + $this->response->SetError('You do not have permission to delete this assignment.'); |
2662 | + $this->response->keepOpen = false; |
2663 | + return $this->response; |
2664 | + } |
2665 | + |
2666 | + if ($layoutid != '') |
2667 | + { |
2668 | + Kit::ClassLoader('layoutmediagroupsecurity'); |
2669 | + $security = new LayoutMediaGroupSecurity($db); |
2670 | + |
2671 | + if (!$security->UnlinkAll($layoutid, $regionid, $this->mediaid)) |
2672 | + trigger_error($security->GetErrorMessage(), E_USER_ERROR); |
2673 | + |
2674 | + $this->deleteFromRegion = true; |
2675 | + $this->UpdateRegion(); |
2676 | + } |
2677 | + |
2678 | + // Are we region specific media? |
2679 | + if (!$this->regionSpecific) |
2680 | + { |
2681 | + $options = Kit::GetParam('options', _POST, _WORD); |
2682 | + |
2683 | + // If we are set to retire we retire |
2684 | + if ($options == 'retire') |
2685 | + { |
2686 | + //Update the media record to say it is retired |
2687 | + $SQL = sprintf("UPDATE media SET retired = 1 WHERE mediaid = %d ", $mediaid); |
2688 | + |
2689 | + if (!$db->query($SQL)) |
2690 | + { |
2691 | + trigger_error($db->error()); |
2692 | + |
2693 | + $this->response->SetError(__('Database error retiring this media record.')); |
2694 | + $this->response->keepOpen = true; |
2695 | + return $this->response; |
2696 | + } |
2697 | + } |
2698 | + |
2699 | + // If we are set to delete, we delete |
2700 | + if ($options == 'delete') |
2701 | + { |
2702 | + // Get the file location from the database |
2703 | + $storedAs = $db->GetSingleValue(sprintf("SELECT storedAs FROM media WHERE mediaid = %d", $mediaid), 'storedAs', _FILENAME); |
2704 | + |
2705 | + // Remove permission assignments |
2706 | + Kit::ClassLoader('mediagroupsecurity'); |
2707 | + |
2708 | + $security = new MediaGroupSecurity($db); |
2709 | + |
2710 | + if (!$security->UnlinkAll($mediaid)) |
2711 | + trigger_error($security->GetErrorMessage(), E_USER_ERROR); |
2712 | + |
2713 | + //Update the media record to say it is retired |
2714 | + $SQL = sprintf("DELETE FROM media WHERE mediaid = %d ", $mediaid); |
2715 | + |
2716 | + if (!$db->query($SQL)) |
2717 | + { |
2718 | + trigger_error($db->error()); |
2719 | + |
2720 | + $this->response->SetError(__('Database error deleting this media record.')); |
2721 | + $this->response->keepOpen = true; |
2722 | + return $this->response; |
2723 | + } |
2724 | + |
2725 | + $this->DeleteMediaFiles($storedAs); |
2726 | + } |
2727 | + |
2728 | + $this->response->message = __('Media Deleted'); |
2729 | + } |
2730 | + else |
2731 | + { |
2732 | + // We want to load a new form |
2733 | + $this->response->loadForm = true; |
2734 | + $this->response->loadFormUri= $url; |
2735 | + } |
2736 | + |
2737 | + return $this->response; |
2738 | } |
2739 | |
2740 | /** |
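Review bot: `DeleteMedia()` acts on the posted `options` value after checking only `$this->auth->del`, whereas `DeleteForm()` offers 'retire' and 'delete' only when `$this->auth->edit` is set, and 'delete' only when no other `lklayoutmedia` row or revision exists. The form only presents those rules, so the handler should enforce them itself before running the `UPDATE` or `DELETE`; the guard below covers the permission half, and the usage query from `DeleteForm()` should be repeated before `DELETE FROM media`. The `storedAs` lookup result is also handed to `DeleteMediaFiles()` without a `=== false` check. The comment above the `DELETE` still reads "Update the media record to say it is retired".

```php
            $options = Kit::GetParam('options', _POST, _WORD);

            // Retire and delete change the library record, so require edit permission as DeleteForm() does
            if (($options == 'retire' || $options == 'delete') && !$this->auth->edit)
            {
                $this->response->SetError(__('You do not have permission to alter/delete this media.'));
                $this->response->keepOpen = true;
                return $this->response;
            }
            // … unchanged: retire and delete branches …
```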
2741 | @@ -513,6 +720,118 @@ |
2742 | return $this->response; |
2743 | } |
2744 | |
2745 | + protected function AddFormForLibraryMedia() |
2746 | + { |
2747 | + global $session; |
2748 | + $db =& $this->db; |
2749 | + $user =& $this->user; |
2750 | + |
2751 | + // Would like to get the regions width / height |
2752 | + $layoutid = $this->layoutid; |
2753 | + $regionid = $this->regionid; |
2754 | + |
2755 | + // Set the Session / Security information |
2756 | + $sessionId = session_id(); |
2757 | + $securityToken = CreateFormToken(); |
2758 | + $backgroundImage = Kit::GetParam('backgroundImage', _GET, _BOOL, false); |
2759 | + |
2760 | + $session->setSecurityToken($securityToken); |
2761 | + |
2762 | + //Get the default value for the shared list |
2763 | + $default = Config::GetSetting($db, 'defaultMedia'); |
2764 | + $defaultDuration = Config::GetSetting($db, 'jpg_length'); |
2765 | + |
2766 | + // Save button is different depending on if we are on a region or not |
2767 | + if ($regionid != '' && $this->showRegionOptions) |
2768 | + { |
2769 | + setSession('content','mediatype', $this->type); |
2770 | + |
2771 | + $save_button = <<<END |
2772 | + <input id="btnSave" type="submit" value="Save" disabled /> |
2773 | + <input class="XiboFormButton" id="btnCancel" type="button" title="Return to the Region Options" href="index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions" value="Cancel" /> |
2774 | + <input class="XiboFormButton" type="button" href="index.php?p=content&q=LibraryAssignForm&layoutid=$layoutid®ionid=$regionid" title="Library" value="Library" /> |
2775 | +END; |
2776 | + } |
2777 | + elseif ($regionid != '' && !$this->showRegionOptions) |
2778 | + { |
2779 | + $save_button = <<<END |
2780 | + <input id="btnSave" type="submit" value="Save" disabled /> |
2781 | + <input class="XiboFormButton" id="btnCancel" type="button" title="Close" onclick="$('#div_dialog').dialog('close')" value="Cancel" /> |
2782 | +END; |
2783 | + } |
2784 | + elseif ($backgroundImage) |
2785 | + { |
2786 | + // Show the save button, and make cancel go back to the background form |
2787 | + $save_button = <<<END |
2788 | + <input id="btnSave" type="submit" value="Save" disabled /> |
2789 | + <input class="XiboFormButton" id="btnCancel" type="button" title="Close" href="index.php?p=layout&q=BackgroundForm&modify=true&layoutid=$layoutid" value="Cancel" /> |
2790 | +END; |
2791 | + } |
2792 | + else |
2793 | + { |
2794 | + $save_button = <<<END |
2795 | + <input id="btnSave" type="submit" value="Save" disabled /> |
2796 | + <input class="XiboFormButton" id="btnCancel" type="button" title="Close" href="index.php?p=content&q=displayForms&sp=add" value="Cancel" /> |
2797 | +END; |
2798 | + } |
2799 | + |
2800 | + $form = <<<FORM |
2801 | + <div style="display:none"><iframe name="fileupload" width="1px" height="1px"></iframe></div> |
2802 | + <div> |
2803 | + <form id="file_upload" method="post" action="index.php?p=content&q=FileUpload" enctype="multipart/form-data" target="fileupload"> |
2804 | + <input type="hidden" id="PHPSESSID" value="$sessionId" /> |
2805 | + <input type="hidden" id="SecurityToken" value="$securityToken" /> |
2806 | + <input type="hidden" name="MAX_FILE_SIZE" value="$this->maxFileSizeBytes" /> |
2807 | + <table> |
2808 | + <tr> |
2809 | + <td><label for="file">$this->displayType File<span class="required">*</span></label></td> |
2810 | + <td colspan="3"> |
2811 | + <input type="file" name="media_file" onchange="fileFormSubmit();this.form.submit();" /> |
2812 | + </td> |
2813 | + </tr> |
2814 | + </table> |
2815 | + </form> |
2816 | + </div> |
2817 | + <div id="uploadProgress" style="display:none"> |
2818 | + <img src="img/loading.gif"><span style="padding-left:10px">You may fill in the form while your file is uploading.</span> |
2819 | + </div> |
2820 | + <form class="XiboForm" id="AddLibraryBasedMedia" method="post" action="index.php?p=module&mod=$this->type&q=Exec&method=AddMedia"> |
2821 | + <input type="hidden" name="layoutid" value="$layoutid"> |
2822 | + <input type="hidden" name="regionid" value="$regionid"> |
2823 | + <input type="hidden" name="backgroundImage" value="$backgroundImage" /> |
2824 | + <input type="hidden" name="showRegionOptions" value="$this->showRegionOptions" /> |
2825 | + <input type="hidden" id="txtFileName" name="txtFileName" readonly="true" /> |
2826 | + <input type="hidden" name="hidFileID" id="hidFileID" value="" /> |
2827 | + <table width="100%"> |
2828 | + <tr> |
2829 | + <td><label for="name" title="The name of the $this->type. Leave this blank to use the file name">Name</label></td> |
2830 | + <td><input id="name" name="name" type="text"></td> |
2831 | + </tr> |
2832 | + <tr> |
2833 | + <td><label for="duration" title="The duration in seconds this image should be displayed (may be overridden on each layout)">Duration<span class="required">*</span></label></td> |
2834 | + <td><input id="duration" name="duration" type="text" value="$defaultDuration"></td> |
2835 | + </tr> |
2836 | + <tr> |
2837 | + <td></td> |
2838 | + <td>This form accepts: <span class="required">$this->validExtensionsText</span> files up to a maximum size of <span class="required">$this->maxFileSize</span>.</td> |
2839 | + </tr> |
2840 | + <tr> |
2841 | + <td></td> |
2842 | + <td colspan="3">$save_button</td> |
2843 | + </tr> |
2844 | + </table> |
2845 | + </form> |
2846 | +FORM; |
2847 | + |
2848 | + $this->response->html = $form; |
2849 | + $this->response->dialogTitle = 'Add New ' . $this->displayType; |
2850 | + $this->response->dialogSize = true; |
2851 | + $this->response->dialogWidth = '450px'; |
2852 | + $this->response->dialogHeight = '280px'; |
2853 | + |
2854 | + return $this->response; |
2855 | + } |
2856 | + |
2857 | /** |
2858 | * Default Edit Form |
2859 | * @return |
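Review bot: `AddFormForLibraryMedia()` writes `session_id()` into the markup as `<input type="hidden" id="PHPSESSID" value="$sessionId" />`, which makes the session identifier readable by any script running in the page and so undoes the protection of an HttpOnly session cookie, if one is configured. How the upload script consumes that field is outside this hunk; if the upload request already carries the session cookie, the field can be dropped and the `SecurityToken` value relied on alone. `$layoutid` and `$regionid` are also placed into `value="..."` and `href` attributes unescaped, so `htmlspecialchars($regionid, ENT_QUOTES)` (or an integer cast for `$layoutid`) before the heredoc would be a cheap safeguard. The same hidden `PHPSESSID` field appears twice in `EditFormForLibraryMedia()`.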
2860 | @@ -530,6 +849,148 @@ |
2861 | return $this->response; |
2862 | } |
2863 | |
2864 | + protected function EditFormForLibraryMedia() |
2865 | + { |
2866 | + global $session; |
2867 | + $db =& $this->db; |
2868 | + $user =& $this->user; |
2869 | + |
2870 | + // Would like to get the regions width / height |
2871 | + $layoutid = $this->layoutid; |
2872 | + $regionid = $this->regionid; |
2873 | + $mediaid = $this->mediaid; |
2874 | + $lkid = $this->lkid; |
2875 | + $userid = $this->user->userid; |
2876 | + |
2877 | + // Can this user delete? |
2878 | + if (!$this->auth->edit) |
2879 | + { |
2880 | + $this->response->SetError('You do not have permission to edit this media.'); |
2881 | + $this->response->keepOpen = false; |
2882 | + return $this->response; |
2883 | + } |
2884 | + |
2885 | + // Set the Session / Security information |
2886 | + $sessionId = session_id(); |
2887 | + $securityToken = CreateFormToken(); |
2888 | + |
2889 | + $session->setSecurityToken($securityToken); |
2890 | + |
2891 | + // Load what we know about this media into the object |
2892 | + $SQL = "SELECT name, originalFilename, userID, retired, storedAs, isEdited, editedMediaID FROM media WHERE mediaID = $mediaid "; |
2893 | + |
2894 | + if (!$row = $db->GetSingleRow($SQL)) |
2895 | + { |
2896 | + trigger_error($db->error()); //log the error |
2897 | + |
2898 | + $this->message = __('Error querying for the Media information'); |
2899 | + return false; |
2900 | + } |
2901 | + |
2902 | + $name = $row['name']; |
2903 | + $originalFilename = $row['originalFilename']; |
2904 | + $userid = $row['userID']; |
2905 | + $retired = $row['retired']; |
2906 | + $storedAs = $row['storedAs']; |
2907 | + $isEdited = $row['isEdited']; |
2908 | + $editedMediaID = $row['editedMediaID']; |
2909 | + $ext = strtolower(substr(strrchr($originalFilename, '.'), 1)); |
2910 | + |
2911 | + // Save button is different depending on if we are on a region or not |
2912 | + if ($regionid != '' && $this->showRegionOptions) |
2913 | + { |
2914 | + setSession('content', 'mediatype', $this->type); |
2915 | + |
2916 | + $extraNotes = '<em>Note: Uploading a new ' . $this->displayType . ' here will replace it on this layout only.</em>'; |
2917 | + |
2918 | + $save_button = <<<END |
2919 | + <input id="btnSave" type="submit" value="Save" /> |
2920 | + <input class="XiboFormButton" id="btnCancel" type="button" title="Return to the Region Options" href="index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions" value="Cancel" /> |
2921 | +END; |
2922 | + } |
2923 | + elseif ($regionid != '' && !$this->showRegionOptions) |
2924 | + { |
2925 | + $extraNotes = '<em>Note: Uploading a new ' . $this->displayType . ' here will replace it on this layout only.</em>'; |
2926 | + |
2927 | + $save_button = <<<END |
2928 | + <input id="btnSave" type="submit" value="Save" /> |
2929 | + <input id="btnCancel" type="button" title="Close" onclick="$('#div_dialog').dialog('close')" value="Cancel" /> |
2930 | +END; |
2931 | + } |
2932 | + else |
2933 | + { |
2934 | + $extraNotes = '<em>Note: As you are editing from the library uploading a new media item will not replace the old one from any layouts. To do this navigate to the layout and edit the media from there.</em>'; |
2935 | + |
2936 | + $save_button = <<<END |
2937 | + <input id="btnSave" type="submit" value="Save" /> |
2938 | + <input id="btnCancel" type="button" title="Close" onclick="$('#div_dialog').dialog('close')" value="Cancel" /> |
2939 | +END; |
2940 | + } |
2941 | + |
2942 | + $durationFieldEnabled = ($this->auth->modifyPermissions) ? '' : ' readonly'; |
2943 | + |
2944 | + $form = <<<FORM |
2945 | + <div style="display:none"><iframe name="fileupload" width="1px" height="1px"></iframe></div> |
2946 | + <div> |
2947 | + <form id="file_upload" method="post" action="index.php?p=content&q=FileUpload" enctype="multipart/form-data" target="fileupload"> |
2948 | + <input type="hidden" id="PHPSESSID" value="$sessionId" /> |
2949 | + <input type="hidden" id="SecurityToken" value="$securityToken" /> |
2950 | + <input type="hidden" name="MAX_FILE_SIZE" value="$this->maxFileSizeBytes" /> |
2951 | + <table> |
2952 | + <tr> |
2953 | + <td><label for="file">New $this->displayType File<span class="required">*</span></label></td> |
2954 | + <td colspan="3"> |
2955 | + <input type="file" name="media_file" onchange="fileFormSubmit();this.form.submit();" /> |
2956 | + </td> |
2957 | + </tr> |
2958 | + </table> |
2959 | + </form> |
2960 | + </div> |
2961 | + <div id="uploadProgress" style="display:none"> |
2962 | + <img src="img/loading.gif"><span style="padding-left:10px">You may fill in the form while your file is uploading.</span> |
2963 | + </div> |
2964 | + <form class="XiboForm" method="post" action="index.php?p=module&mod=$this->type&q=Exec&method=EditMedia"> |
2965 | + <input type="hidden" name="hidFileID" id="hidFileID" value="" /> |
2966 | + <input type="hidden" id="txtFileName" name="txtFileName" readonly="true" /> |
2967 | + <input type="hidden" name="layoutid" value="$layoutid"> |
2968 | + <input type="hidden" name="regionid" value="$regionid"> |
2969 | + <input type="hidden" name="mediaid" value="$mediaid"> |
2970 | + <input type="hidden" name="lkid" value="$lkid"> |
2971 | + <input type="hidden" id="PHPSESSID" value="$sessionId" /> |
2972 | + <input type="hidden" id="SecurityToken" value="$securityToken" /> |
2973 | + <input type="hidden" name="showRegionOptions" value="$this->showRegionOptions" /> |
2974 | + <table> |
2975 | + <tr> |
2976 | + <td><label for="name" title="The name of the $this->displayType. Leave this blank to use the file name">Name</label></td> |
2977 | + <td><input id="name" name="name" type="text" value="$name"></td> |
2978 | + <td><label for="duration" title="The duration in seconds this media should be displayed (may be overridden on each layout)">Duration<span class="required">*</span></label></td> |
2979 | + <td><input id="duration" name="duration" type="text" value="$this->duration" $durationFieldEnabled></td> |
2980 | + </tr> |
2981 | + <tr> |
2982 | + <td></td> |
2983 | + <td>This form accepts: <span class="required">$this->validExtensionsText</span> files up to a maximum size of <span class="required">$this->maxFileSize</span>.</td> |
2984 | + </tr> |
2985 | + <tr> |
2986 | + <td></td> |
2987 | + <td colspan="2">$extraNotes</td> |
2988 | + </tr> |
2989 | + <tr> |
2990 | + <td></td> |
2991 | + <td colspan="3">$save_button</td> |
2992 | + </tr> |
2993 | + </table> |
2994 | + </form> |
2995 | +FORM; |
2996 | + |
2997 | + $this->response->html = $form; |
2998 | + $this->response->dialogTitle = 'Edit ' . $this->displayType; |
2999 | + $this->response->dialogSize = true; |
3000 | + $this->response->dialogWidth = '450px'; |
3001 | + $this->response->dialogHeight = '280px'; |
3002 | + |
3003 | + return $this->response; |
3004 | + } |
3005 | + |
3006 | /** |
3007 | * Default Add Media |
3008 | * @return |
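Review bot: The `name` column read from `media` is printed into `<input id="name" ... value="$name">` without encoding, and `AddLibraryMedia()` stores that value from the POSTed `name` parameter; unless `Kit::GetParam(..., _STRING)` strips quotes and markup (not visible here), a stored name can break out of the attribute when another user opens the edit form. Encoding at output is the safer place: `$name = htmlspecialchars($row['name'], ENT_QUOTES);`. On the failed-query path the method sets `$this->message` and returns `false`, whereas every other exit returns `$this->response` after `SetError()`; returning the response object there would keep error handling uniform. The comment `// Can this user delete?` sits above the edit-permission check and should read `// Can this user edit?`.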
3009 | @@ -542,6 +1003,171 @@ |
3010 | return $this->response; |
3011 | } |
3012 | |
3013 | + protected function AddLibraryMedia() |
3014 | + { |
3015 | + $db =& $this->db; |
3016 | + $layoutid = $this->layoutid; |
3017 | + $regionid = $this->regionid; |
3018 | + $mediaid = $this->mediaid; |
3019 | + $userid = $this->user->userid; |
3020 | + $backgroundImage = Kit::GetParam('backgroundImage', _POST, _BOOL, false); |
3021 | + |
3022 | + // File data |
3023 | + $tmpName = Kit::GetParam('hidFileID', _POST, _STRING); |
3024 | + |
3025 | + if ($tmpName == '') |
3026 | + { |
3027 | + $this->response->SetError('Cannot save Image details. <br/> You must have picked a file.'); |
3028 | + $this->response->keepOpen = true; |
3029 | + return $this->response; |
3030 | + } |
3031 | + |
3032 | + // File name and extension (orignial name) |
3033 | + $fileName = Kit::GetParam('txtFileName', _POST, _STRING); |
3034 | + $fileName = basename($fileName); |
3035 | + $ext = strtolower(substr(strrchr($fileName, "."), 1)); |
3036 | + |
3037 | + // Other properties |
3038 | + $name = Kit::GetParam('name', _POST, _STRING); |
3039 | + $duration = Kit::GetParam('duration', _POST, _INT, -1); |
3040 | + |
3041 | + if ($name == '') |
3042 | + $name = Kit::ValidateParam($fileName, _FILENAME); |
3043 | + |
3044 | + // Validation |
3045 | + if (!$this->IsValidExtension($ext)) |
3046 | + { |
3047 | + $this->response->SetError(sprintf(__('Your file has an extension not supported by Media Type %s'), $this->displayType)); |
3048 | + $this->response->keepOpen = true; |
3049 | + return $this->response; |
3050 | + } |
3051 | + |
3052 | + // Make sure the name isnt too long |
3053 | + if (strlen($name) > 100) |
3054 | + { |
3055 | + $this->response->SetError(__('The name cannot be longer than 100 characters')); |
3056 | + $this->response->keepOpen = true; |
3057 | + return $this->response; |
3058 | + } |
3059 | + |
3060 | + if ($duration < 0) |
3061 | + { |
3062 | + $this->response->SetError(__('You must enter a duration.')); |
3063 | + $this->response->keepOpen = true; |
3064 | + return $this->response; |
3065 | + } |
3066 | + |
3067 | + // Ensure the name is not already in the database |
3068 | + $SQL = sprintf("SELECT name FROM media WHERE name = '%s' AND userid = %d", $db->escape_string($name), $userid); |
3069 | + |
3070 | + if(!$result = $db->query($SQL)) |
3071 | + { |
3072 | + trigger_error($db->error()); |
3073 | + $this->response->SetError('Error checking whether the media name is ok. Try choosing a different name.'); |
3074 | + $this->response->keepOpen = true; |
3075 | + return $this->response; |
3076 | + } |
3077 | + |
3078 | + if ($db->num_rows($result) != 0) |
3079 | + { |
3080 | + $this->response->SetError('Some media you own already has this name. Please choose another.'); |
3081 | + $this->response->keepOpen = true; |
3082 | + return $this->response; |
3083 | + } |
3084 | + |
3085 | + // All OK to insert this record |
3086 | + $SQL = "INSERT INTO media (name, type, duration, originalFilename, userID, retired ) "; |
3087 | + $SQL .= "VALUES ('%s', '$this->type', '%s', '%s', %d, 0) "; |
3088 | + |
3089 | + $SQL = sprintf($SQL, $db->escape_string($name), $db->escape_string($duration), $db->escape_string($fileName), $userid); |
3090 | + |
3091 | + if (!$mediaid = $db->insert_query($SQL)) |
3092 | + { |
3093 | + trigger_error($db->error()); |
3094 | + $this->response->SetError(__('Database error adding this media record.')); |
3095 | + $this->response->keepOpen = true; |
3096 | + return $this->response; |
3097 | + } |
3098 | + |
3099 | + // File upload directory.. get this from the settings object |
3100 | + $databaseDir = Config::GetSetting($db, 'LIBRARY_LOCATION'); |
3101 | + |
3102 | + // What are we going to store this media as... |
3103 | + $storedAs = $mediaid . '.' . $ext; |
3104 | + |
3105 | + // Now we need to move the file |
3106 | + if (!$result = rename($databaseDir . 'temp/' . $tmpName, $databaseDir . $storedAs)) |
3107 | + { |
3108 | + // If we couldnt move it - we need to delete the media record we just added |
3109 | + $SQL = sprintf("DELETE FROM media WHERE mediaID = %d ", $mediaid); |
3110 | + |
3111 | + if (!$db->query($SQL)) |
3112 | + { |
3113 | + trigger_error($db->error()); |
3114 | + $this->response->SetError(__('Error storing file')); |
3115 | + $this->response->keepOpen = true; |
3116 | + return $this->response; |
3117 | + } |
3118 | + } |
3119 | + |
3120 | + // Calculate the MD5 and the file size |
3121 | + $md5 = md5_file($databaseDir.$storedAs); |
3122 | + $fileSize = filesize($databaseDir.$storedAs); |
3123 | + |
3124 | + // Update the media record to include this information |
3125 | + $SQL = sprintf("UPDATE media SET storedAs = '%s', `MD5` = '%s', FileSize = %d WHERE mediaid = %d", $storedAs, $md5, $fileSize, $mediaid); |
3126 | + |
3127 | + if (!$db->query($SQL)) |
3128 | + { |
3129 | + trigger_error($db->error()); |
3130 | + return true; |
3131 | + } |
3132 | + |
3133 | + // Required Attributes |
3134 | + $this->mediaid = $mediaid; |
3135 | + $this->duration = $duration; |
3136 | + |
3137 | + // Any Options |
3138 | + $this->SetOption('uri', $storedAs); |
3139 | + |
3140 | + // Should have built the media object entirely by this time |
3141 | + if ($regionid != '' && $this->showRegionOptions) |
3142 | + { |
3143 | + // This saves the Media Object to the Region |
3144 | + $this->UpdateRegion(); |
3145 | + $this->response->loadFormUri = "index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions";; |
3146 | + } |
3147 | + elseif ($regionid != '' && !$this->showRegionOptions) |
3148 | + { |
3149 | + $this->UpdateRegion(); |
3150 | + $this->response->loadForm = false; |
3151 | + } |
3152 | + else |
3153 | + { |
3154 | + $this->response->loadFormUri = "index.php?p=content&q=displayForms&sp=add"; |
3155 | + } |
3156 | + |
3157 | + // We want to load a new form |
3158 | + $this->response->loadForm = true; |
3159 | + |
3160 | + // If we just added a background we should load the background form |
3161 | + if ($backgroundImage) |
3162 | + { |
3163 | + $this->response->loadFormUri = "index.php?p=layout&q=BackgroundForm&modify=true&layoutid=$layoutid&backgroundOveride=$storedAs"; |
3164 | + } |
3165 | + |
3166 | + // What permissions should we assign this with? |
3167 | + if (Config::GetSetting($db, 'MEDIA_DEFAULT') == 'public') |
3168 | + { |
3169 | + Kit::ClassLoader('mediagroupsecurity'); |
3170 | + |
3171 | + $security = new MediaGroupSecurity($db); |
3172 | + $security->LinkEveryone($mediaid, 1, 0, 0); |
3173 | + } |
3174 | + |
3175 | + return $this->response; |
3176 | + } |
3177 | + |
3178 | /** |
3179 | * Default EditMedia |
3180 | * @return |
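Review bot: `$tmpName` comes from the POSTed `hidFileID` and is concatenated into the source path of `rename($databaseDir . 'temp/' . $tmpName, ...)` without the `basename()` treatment that `$fileName` receives a few lines later; unless the `_STRING` filter removes path separators (not visible in this hunk), the source file is not confined to the `temp/` directory. Adding `$tmpName = basename($tmpName);` directly after the read would confine it. When `rename()` fails and the cleanup `DELETE` succeeds, execution falls through to `md5_file()` on a file that does not exist, because `SetError()` and the `return` sit inside the `if (!$db->query($SQL))` block; the fence below moves them after it. The later `return true;` after a failed `UPDATE` reports nothing to the user and differs from the other exits, which return `$this->response`.

```php
        if (!$result = rename($databaseDir . 'temp/' . $tmpName, $databaseDir . $storedAs))
        {
            // … unchanged: build the cleanup DELETE for the media record just added …
            if (!$db->query($SQL))
                trigger_error($db->error());

            // Always stop here: the file was not stored, whether or not the cleanup succeeded
            $this->response->SetError(__('Error storing file'));
            $this->response->keepOpen = true;
            return $this->response;
        }
```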
3181 | @@ -554,18 +1180,256 @@ |
3182 | return $this->response; |
3183 | } |
3184 | |
3185 | - /** |
3186 | - * Default GetName |
3187 | - * @return |
3188 | - */ |
3189 | - public function GetName() |
3190 | - { |
3191 | - $db =& $this->db; |
3192 | - |
3193 | - Debug::LogEntry($db, 'audit', sprintf('Module name returned for MediaID: %s is %s', $this->mediaid, $this->name), 'Module', 'GetName'); |
3194 | - |
3195 | - return $this->name; |
3196 | - } |
3197 | + protected function EditLibraryMedia() |
3198 | + { |
3199 | + $db =& $this->db; |
3200 | + $user =& $this->user; |
3201 | + $layoutid = $this->layoutid; |
3202 | + $regionid = $this->regionid; |
3203 | + $mediaid = $this->mediaid; |
3204 | + $userid = $this->user->userid; |
3205 | + |
3206 | + if (!$this->auth->edit) |
3207 | + { |
3208 | + $this->response->SetError('You do not have permission to edit this media.'); |
3209 | + $this->response->keepOpen = false; |
3210 | + return $this->response; |
3211 | + } |
3212 | + |
3213 | + // Stored As from the XML |
3214 | + $storedAs = $this->GetOption('uri'); |
3215 | + |
3216 | + // File data |
3217 | + $tmpName = Kit::GetParam('hidFileID', _POST, _STRING); |
3218 | + |
3219 | + if ($tmpName == '') |
3220 | + { |
3221 | + $fileRevision = false; |
3222 | + } |
3223 | + else |
3224 | + { |
3225 | + $fileRevision = true; |
3226 | + |
3227 | + // File name and extension (orignial name) |
3228 | + $fileName = Kit::GetParam('txtFileName', _POST, _STRING); |
3229 | + $fileName = basename($fileName); |
3230 | + $ext = strtolower(substr(strrchr($fileName, "."), 1)); |
3231 | + |
3232 | + if (!$this->IsValidExtension($ext)) |
3233 | + { |
3234 | + $this->response->SetError('Your file has an extension not supported by this Media Type.'); |
3235 | + $this->response->keepOpen = true; |
3236 | + return $this->response; |
3237 | + } |
3238 | + } |
3239 | + |
3240 | + // Other properties |
3241 | + $name = Kit::GetParam('name', _POST, _STRING); |
3242 | + |
3243 | + if ($this->auth->modifyPermissions) |
3244 | + $this->duration = Kit::GetParam('duration', _POST, _INT, 0); |
3245 | + |
3246 | + if ($name == '') |
3247 | + { |
3248 | + if ($fileRevision) |
3249 | + { |
3250 | + $name = Kit::ValidateParam($fileName, _FILENAME); |
3251 | + } |
3252 | + else |
3253 | + { |
3254 | + $this->response->SetError(__('The Name cannot be blank.')); |
3255 | + $this->response->keepOpen = true; |
3256 | + return $this->response; |
3257 | + } |
3258 | + } |
3259 | + |
3260 | + // Make sure the name isnt too long |
3261 | + if (strlen($name) > 100) |
3262 | + { |
3263 | + $this->response->SetError(__('The name cannot be longer than 100 characters')); |
3264 | + $this->response->keepOpen = true; |
3265 | + return $this->response; |
3266 | + } |
3267 | + |
3268 | + if ($this->duration < 0) |
3269 | + { |
3270 | + $this->response->SetError(__('You must enter a duration.')); |
3271 | + $this->response->keepOpen = true; |
3272 | + return $this->response; |
3273 | + } |
3274 | + |
3275 | + // Ensure the name is not already in the database |
3276 | + $SQL = sprintf("SELECT name FROM media WHERE name = '%s' AND userid = %d AND mediaid <> %d AND IsEdited = 0", $db->escape_string($name), $userid, $mediaid); |
3277 | + |
3278 | + if(!$result = $db->query($SQL)) |
3279 | + { |
3280 | + trigger_error($db->error()); |
3281 | + $this->response->SetError(__('Error checking whether the media name is ok. Try choosing a different name.')); |
3282 | + $this->response->keepOpen = true; |
3283 | + return $this->response; |
3284 | + } |
3285 | + |
3286 | + if ($db->num_rows($result) != 0) |
3287 | + { |
3288 | + $this->response->SetError(__('Some media you own already has this name. Please choose another.')); |
3289 | + $this->response->keepOpen = true; |
3290 | + return $this->response; |
3291 | + } |
3292 | + |
3293 | + //Are we revising this media - or just plain editing |
3294 | + if ($fileRevision) |
3295 | + { |
3296 | + // All OK to insert this record |
3297 | + $SQL = "INSERT INTO media (name, type, duration, originalFilename, userID, retired ) "; |
3298 | + $SQL .= "VALUES ('%s', '$this->type', '%s', '%s', %d, 0) "; |
3299 | + |
3300 | + $SQL = sprintf($SQL, $db->escape_string($name), $db->escape_string($this->duration), $db->escape_string($fileName), $userid); |
3301 | + |
3302 | + if (!$new_mediaid = $db->insert_query($SQL)) |
3303 | + { |
3304 | + trigger_error($db->error()); |
3305 | + trigger_error('Error inserting replacement media record.', E_USER_ERROR); |
3306 | + } |
3307 | + |
3308 | + //What are we going to store this media as... |
3309 | + $storedAs = $new_mediaid . '.' . $ext; |
3310 | + |
3311 | + // File upload directory.. get this from the settings object |
3312 | + $databaseDir = Config::GetSetting($db, 'LIBRARY_LOCATION'); |
3313 | + |
3314 | + //Now we need to move the file |
3315 | + if (!$result = rename($databaseDir . '/temp/' . $tmpName, $databaseDir . $storedAs)) |
3316 | + { |
3317 | + //If we couldnt move it - we need to delete the media record we just added |
3318 | + $SQL = "DELETE FROM media WHERE mediaID = $new_mediaid "; |
3319 | + |
3320 | + if (!$db->insert_query($SQL)) |
3321 | + { |
3322 | + $this->response->SetError('Error rolling back transcation.'); |
3323 | + $this->response->keepOpen = true; |
3324 | + return $this->response; |
3325 | + } |
3326 | + } |
3327 | + |
3328 | + // Calculate the MD5 and the file size |
3329 | + $md5 = md5_file($databaseDir.$storedAs); |
3330 | + $fileSize = filesize($databaseDir.$storedAs); |
3331 | + |
3332 | + // Update the media record to include this information |
3333 | + $SQL = sprintf("UPDATE media SET storedAs = '%s', `MD5` = '%s', FileSize = %d WHERE mediaid = %d", $storedAs, $md5, $fileSize, $new_mediaid); |
3334 | + |
3335 | + if (!$db->query($SQL)) |
3336 | + { |
3337 | + trigger_error($db->error()); |
3338 | + $this->response->SetError('Error updating media with Library location.'); |
3339 | + $this->response->keepOpen = true; |
3340 | + return $this->response; |
3341 | + } |
3342 | + |
3343 | + // Update the existing record with the new record's id |
3344 | + $SQL = "UPDATE media SET isEdited = 1, editedMediaID = $new_mediaid "; |
3345 | + $SQL .= " WHERE IFNULL(editedMediaID,0) <> $new_mediaid AND mediaID = $mediaid "; |
3346 | + |
3347 | + Debug::LogEntry($db, 'audit', $SQL); |
3348 | + |
3349 | + if (!$db->query($SQL)) |
3350 | + { |
3351 | + trigger_error($db->error()); |
3352 | + |
3353 | + $this->response->SetError('Database error editing this media record.'); |
3354 | + $this->response->keepOpen = true; |
3355 | + return $this->response; |
3356 | + } |
3357 | + |
3358 | + // We need to assign all permissions for the old media id to the new media id |
3359 | + Kit::ClassLoader('mediagroupsecurity'); |
3360 | + |
3361 | + $security = new MediaGroupSecurity($db); |
3362 | + $security->Copy($mediaid, $new_mediaid); |
3363 | + |
3364 | + // Are we on a region |
3365 | + if ($regionid != '') |
3366 | + { |
3367 | + Kit::ClassLoader('layoutmediagroupsecurity'); |
3368 | + |
3369 | + $security = new LayoutMediaGroupSecurity($db); |
3370 | + $security->Copy($layoutid, $regionid, $mediaid, $new_mediaid); |
3371 | + } |
3372 | + } |
3373 | + else |
3374 | + { |
3375 | + // Editing the existing record |
3376 | + $new_mediaid = $mediaid; |
3377 | + |
3378 | + $SQL = "UPDATE media SET name = '%s' "; |
3379 | + $SQL .= " WHERE mediaID = %d "; |
3380 | + $SQL = sprintf($SQL, $db->escape_string($name), $mediaid); |
3381 | + |
3382 | + Debug::LogEntry($db, 'audit', $SQL); |
3383 | + |
3384 | + if (!$db->query($SQL)) |
3385 | + { |
3386 | + trigger_error($db->error()); |
3387 | + |
3388 | + $this->response->SetError('Database error editing this media record.'); |
3389 | + $this->response->keepOpen = true; |
3390 | + return $this->response; |
3391 | + } |
3392 | + } |
3393 | + |
3394 | + // Required Attributes |
3395 | + $this->mediaid = $new_mediaid; |
3396 | + |
3397 | + // Any Options |
3398 | + $this->SetOption('uri', $storedAs); |
3399 | + |
3400 | + // Should have built the media object entirely by this time |
3401 | + if ($regionid != '' && $this->showRegionOptions) |
3402 | + { |
3403 | + // This saves the Media Object to the Region |
3404 | + $this->UpdateRegion(); |
3405 | + |
3406 | + $this->response->loadForm = true; |
3407 | + $this->response->loadFormUri = "index.php?p=layout&layoutid=$layoutid®ionid=$regionid&q=RegionOptions";; |
3408 | + } |
3409 | + elseif ($regionid != '' && !$this->showRegionOptions) |
3410 | + { |
3411 | + $this->UpdateRegion(); |
3412 | + $this->response->loadForm = false; |
3413 | + } |
3414 | + else |
3415 | + { |
3416 | + // We are in the library so we therefore have to update the duration with the new value. |
3417 | + // We could do this in the above code, but it is much simpler here until we rewrite |
3418 | + // these classes to use a data base class. |
3419 | + $db->query(sprintf("UPDATE media SET duration = %d WHERE mediaID = %d", $this->duration, $this->mediaid)); |
3420 | + |
3421 | + $this->response->message = 'Edited the ' . $this->displayType; |
3422 | + } |
3423 | + |
3424 | + return $this->response; |
3425 | + } |
3426 | + |
3427 | + /** |
3428 | + * Default GetName |
3429 | + * @return |
3430 | + */ |
3431 | + public function GetName() |
3432 | + { |
3433 | + $db =& $this->db; |
3434 | + |
3435 | + if ($this->name == '' && !$this->regionSpecific) |
3436 | + { |
3437 | + // Load what we know about this media into the object |
3438 | + $SQL = "SELECT name FROM media WHERE mediaID = %d "; |
3439 | + |
3440 | + $this->name = $db->GetSingleValue(sprintf($SQL, $this->mediaid), 'name', _STRING); |
3441 | + } |
3442 | + |
3443 | + Debug::LogEntry($db, 'audit', sprintf('Module name returned for MediaID: %s is %s', $this->mediaid, $this->name), 'Module', 'GetName'); |
3444 | + |
3445 | + return $this->name; |
3446 | + } |
3447 | |
3448 | /** |
3449 | * Preview code for a module |
3450 | @@ -585,5 +1449,231 @@ |
3451 | { |
3452 | return $this->regionSpecific; |
3453 | } |
3454 | + |
3455 | + /** |
3456 | + * Permissions form |
3457 | + */ |
3458 | + public function PermissionsForm() |
3459 | + { |
3460 | + $db =& $this->db; |
3461 | + $user =& $this->user; |
3462 | + $response = $this->response; |
3463 | + $helpManager = new HelpManager($db, $user); |
3464 | + |
3465 | + if (!$this->auth->modifyPermissions) |
3466 | + trigger_error(__('You do not have permissions to edit this media'), E_USER_ERROR); |
3467 | + |
3468 | + // Form content |
3469 | + $form = '<form id="LayoutPermissionsForm" class="XiboForm" method="post" action="index.php?p=module&mod=' . $this->type . '&q=Exec&method=Permissions">'; |
3470 | + $form .= '<input type="hidden" name="layoutid" value="' . $this->layoutid . '" />'; |
3471 | + $form .= '<input type="hidden" name="regionid" value="' . $this->regionid . '" />'; |
3472 | + $form .= '<input type="hidden" name="mediaid" value="' . $this->mediaid . '" />'; |
3473 | + $form .= '<div class="dialog_table">'; |
3474 | + $form .= ' <table style="width:100%">'; |
3475 | + $form .= ' <tr>'; |
3476 | + $form .= ' <th>' . __('Group') . '</th>'; |
3477 | + $form .= ' <th>' . __('View') . '</th>'; |
3478 | + $form .= ' <th>' . __('Edit') . '</th>'; |
3479 | + $form .= ' <th>' . __('Delete') . '</th>'; |
3480 | + $form .= ' </tr>'; |
3481 | + |
3482 | + // List of all Groups with a view/edit/delete checkbox |
3483 | + $SQL = ''; |
3484 | + $SQL .= 'SELECT `group`.GroupID, `group`.`Group`, View, Edit, Del, `group`.IsUserSpecific '; |
3485 | + $SQL .= ' FROM `group` '; |
3486 | + |
3487 | + if ($this->assignedMedia) |
3488 | + { |
3489 | + $SQL .= ' LEFT OUTER JOIN lklayoutmediagroup '; |
3490 | + $SQL .= ' ON lklayoutmediagroup.GroupID = group.GroupID '; |
3491 | + $SQL .= sprintf(" AND lklayoutmediagroup.MediaID = '%s' AND lklayoutmediagroup.RegionID = '%s' AND lklayoutmediagroup.LayoutID = %d ", $this->mediaid, $this->regionid, $this->layoutid); |
3492 | + } |
3493 | + else |
3494 | + { |
3495 | + $SQL .= ' LEFT OUTER JOIN lkmediagroup '; |
3496 | + $SQL .= ' ON lkmediagroup.GroupID = group.GroupID '; |
3497 | + $SQL .= sprintf(' AND lkmediagroup.MediaID = %d ', $this->mediaid); |
3498 | + } |
3499 | + |
3500 | + $SQL .= ' WHERE `group`.GroupID <> %d '; |
3501 | + $SQL .= 'ORDER BY `group`.IsEveryone DESC, `group`.IsUserSpecific, `group`.`Group` '; |
3502 | + |
3503 | + $SQL = sprintf($SQL, $user->getGroupFromId($user->userid, true)); |
3504 | + |
3505 | + Debug::LogEntry($db, 'audit', $SQL, 'module', 'PermissionsForm'); |
3506 | + |
3507 | + if (!$results = $db->query($SQL)) |
3508 | + { |
3509 | + trigger_error($db->error()); |
3510 | + trigger_error(__('Unable to get permissions for this layout'), E_USER_ERROR); |
3511 | + } |
3512 | + |
3513 | + while($row = $db->get_assoc_row($results)) |
3514 | + { |
3515 | + $groupId = $row['GroupID']; |
3516 | + $group = ($row['IsUserSpecific'] == 0) ? '<strong>' . $row['Group'] . '</strong>' : $row['Group']; |
3517 | + |
3518 | + $form .= '<tr>'; |
3519 | + $form .= ' <td>' . $group . '</td>'; |
3520 | + $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_view" ' . (($row['View'] == 1) ? 'checked' : '') . '></td>'; |
3521 | + $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_edit" ' . (($row['Edit'] == 1) ? 'checked' : '') . '></td>'; |
3522 | + $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_del" ' . (($row['Del'] == 1) ? 'checked' : '') . '></td>'; |
3523 | + $form .= '</tr>'; |
3524 | + } |
3525 | + |
3526 | + $form .= '</table>'; |
3527 | + $form .= '</div>'; |
3528 | + $form .= '</form>'; |
3529 | + |
3530 | + $response->SetFormRequestResponse($form, __('Permissions'), '350px', '500px'); |
3531 | + $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Layout', 'Permissions') . '")'); |
3532 | + $response->AddButton(__('Cancel'), 'XiboSwapDialog("index.php?p=layout&layoutid=' . $this->layoutid . '®ionid=' . $this->regionid . '&q=RegionOptions")'); |
3533 | + $response->AddButton(__('Save'), '$("#LayoutPermissionsForm").submit()'); |
3534 | + |
3535 | + return $response; |
3536 | + } |
3537 | + |
3538 | + /** |
3539 | + * Permissions Edit |
3540 | + */ |
3541 | + public function Permissions() |
3542 | + { |
3543 | + $db =& $this->db; |
3544 | + $user =& $this->user; |
3545 | + $response = $this->response; |
3546 | + |
3547 | + Kit::ClassLoader('mediagroupsecurity'); |
3548 | + Kit::ClassLoader('layoutmediagroupsecurity'); |
3549 | + |
3550 | + $layoutId = Kit::GetParam('layoutid', _POST, _INT); |
3551 | + $regionId = Kit::GetParam('regionid', _POST, _STRING); |
3552 | + $mediaId = Kit::GetParam('mediaid', _POST, _STRING); |
3553 | + $groupIds = Kit::GetParam('groupids', _POST, _ARRAY); |
3554 | + |
3555 | + if (!$this->auth->modifyPermissions) |
3556 | + trigger_error(__('You do not have permissions to edit this layout'), E_USER_ERROR); |
3557 | + |
3558 | + // Unlink all |
3559 | + if ($this->assignedMedia) |
3560 | + { |
3561 | + $layoutMediaSecurity = new LayoutMediaGroupSecurity($db); |
3562 | + if (!$layoutMediaSecurity->UnlinkAll($layoutId, $regionId, $mediaId)) |
3563 | + trigger_error(__('Unable to set permissions')); |
3564 | + } |
3565 | + else |
3566 | + { |
3567 | + $mediaSecurity = new MediaGroupSecurity($db); |
3568 | + if (!$mediaSecurity->UnlinkAll($mediaId)) |
3569 | + trigger_error(__('Unable to set permissions')); |
3570 | + } |
3571 | + |
3572 | + // Some assignments for the loop |
3573 | + $lastGroupId = 0; |
3574 | + $first = true; |
3575 | + $view = 0; |
3576 | + $edit = 0; |
3577 | + $del = 0; |
3578 | + |
3579 | + // List of groupIds with view, edit and del assignments |
3580 | + foreach($groupIds as $groupPermission) |
3581 | + { |
3582 | + $groupPermission = explode('_', $groupPermission); |
3583 | + $groupId = $groupPermission[0]; |
3584 | + |
3585 | + if ($first) |
3586 | + { |
3587 | + // First time through |
3588 | + $first = false; |
3589 | + $lastGroupId = $groupId; |
3590 | + } |
3591 | + |
3592 | + if ($groupId != $lastGroupId) |
3593 | + { |
3594 | + // The groupId has changed, so we need to write the current settings to the db. |
3595 | + // Link new permissions |
3596 | + if ($this->assignedMedia) |
3597 | + { |
3598 | + if (!$layoutMediaSecurity->Link($layoutId, $regionId, $mediaId, $lastGroupId, $view, $edit, $del)) |
3599 | + trigger_error(__('Unable to set permissions')); |
3600 | + } |
3601 | + else |
3602 | + { |
3603 | + if (!$mediaSecurity->Link($mediaId, $lastGroupId, $view, $edit, $del)) |
3604 | + trigger_error(__('Unable to set permissions')); |
3605 | + } |
3606 | + |
3607 | + // Reset |
3608 | + $lastGroupId = $groupId; |
3609 | + $view = 0; |
3610 | + $edit = 0; |
3611 | + $del = 0; |
3612 | + } |
3613 | + |
3614 | + switch ($groupPermission[1]) |
3615 | + { |
3616 | + case 'view': |
3617 | + $view = 1; |
3618 | + break; |
3619 | + |
3620 | + case 'edit': |
3621 | + $edit = 1; |
3622 | + break; |
3623 | + |
3624 | + case 'del': |
3625 | + $del = 1; |
3626 | + break; |
3627 | + } |
3628 | + } |
3629 | + |
3630 | + // Need to do the last one |
3631 | + if (!$first) |
3632 | + { |
3633 | + if ($this->assignedMedia) |
3634 | + { |
3635 | + if (!$layoutMediaSecurity->Link($layoutId, $regionId, $mediaId, $lastGroupId, $view, $edit, $del)) |
3636 | + trigger_error(__('Unable to set permissions')); |
3637 | + } |
3638 | + else |
3639 | + { |
3640 | + if (!$mediaSecurity->Link($mediaId, $lastGroupId, $view, $edit, $del)) |
3641 | + trigger_error(__('Unable to set permissions')); |
3642 | + } |
3643 | + } |
3644 | + |
3645 | + $response->SetFormSubmitResponse(__('Permissions Changed')); |
3646 | + |
3647 | + return $response; |
3648 | + } |
3649 | + |
3650 | + /** |
3651 | + * Deletes the media files associated with this record |
3652 | + * @return |
3653 | + */ |
3654 | + private function DeleteMediaFiles($fileName) |
3655 | + { |
3656 | + $db =& $this->db; |
3657 | + |
3658 | + //Library location |
3659 | + $databaseDir = Config::GetSetting($db, 'LIBRARY_LOCATION'); |
3660 | + |
3661 | + //3 things to check for.. |
3662 | + //the actual file, the thumbnail, the background |
3663 | + if (file_exists($databaseDir . $fileName)) |
3664 | + { |
3665 | + unlink($databaseDir . $fileName); |
3666 | + } |
3667 | + |
3668 | + if (file_exists($databaseDir . 'tn_' . $fileName)) |
3669 | + { |
3670 | + unlink($databaseDir . 'tn_' . $fileName); |
3671 | + } |
3672 | + |
3673 | + if (file_exists($databaseDir . 'bg_' . $fileName)) |
3674 | + { |
3675 | + unlink($databaseDir . 'bg_' . $fileName); |
3676 | + } |
3677 | + |
3678 | + return true; |
3679 | + } |
3680 | } |
3681 | ?> |
3682 | \ No newline at end of file |
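Review bot: In `Permissions()` the check is made on `$this->auth->modifyPermissions`, but the rows that are unlinked and re-linked are keyed by `layoutid`, `regionid` and `mediaid` read separately from `_POST`, and nothing in this hunk ties the posted ids to the item the check was made for. How `$this->auth` is populated is outside the hunk, so this may already be covered, but using the object's own ids, as `PermissionsForm()` does, removes the doubt: `$layoutId = $this->layoutid; $regionId = $this->regionid; $mediaId = $this->mediaid;`. In `PermissionsForm()` the `lklayoutmediagroup` join formats `$this->mediaid` and `$this->regionid` into `'%s'` without `$db->escape_string()`, and `$row['Group']` is written into the table cell without HTML encoding; both are worth fixing in the same pass.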
3683 | |
3684 | === modified file 'server/lib/pages/content.class.php' |
3685 | --- server/lib/pages/content.class.php 2011-06-05 16:17:41 +0000 |
3686 | +++ server/lib/pages/content.class.php 2011-08-18 23:36:27 +0000 |
3687 | @@ -70,11 +70,6 @@ |
3688 | if (isset($_SESSION['content']['usertype'])) $usertype = $_SESSION['content']['usertype']; |
3689 | if (isset($_SESSION['content']['playlistid'])) $playlistid = $_SESSION['content']['playlistid']; |
3690 | |
3691 | - //shared list |
3692 | - $shared = "All"; |
3693 | - if (isset($_SESSION['content']['shared'])) $shared = $_SESSION['content']['shared']; |
3694 | - $shared_list = dropdownlist("SELECT 'all','All' UNION SELECT permissionID, permission FROM permission", "shared", $shared); |
3695 | - |
3696 | $filter_userid = ""; |
3697 | if (isset($_SESSION['content']['filter_userid'])) $filter_userid = $_SESSION['content']['filter_userid']; |
3698 | |
3699 | @@ -122,8 +117,6 @@ |
3700 | <td>$user_list</td> |
3701 | <td></td> |
3702 | <td></td> |
3703 | - <td>$msgShared</td> |
3704 | - <td>$shared_list</td> |
3705 | </tr> |
3706 | </table> |
3707 | </form> |
3708 | @@ -174,12 +167,9 @@ |
3709 | $SQL .= " media.name, "; |
3710 | $SQL .= " media.type, "; |
3711 | $SQL .= " media.duration, "; |
3712 | - $SQL .= " media.userID, "; |
3713 | - $SQL .= " permission.permission, "; |
3714 | - $SQL .= " media.permissionID "; |
3715 | + $SQL .= " media.userID "; |
3716 | $SQL .= "FROM media "; |
3717 | - $SQL .= "INNER JOIN permission ON permission.permissionID = media.permissionID "; |
3718 | - $SQL .= "WHERE 1 = 1 AND isEdited = 0 "; |
3719 | + $SQL .= "WHERE isEdited = 0 "; |
3720 | if ($mediatype != "all") |
3721 | { |
3722 | $SQL .= sprintf(" AND media.type = '%s'", $db->escape_string($mediatype)); |
3723 | @@ -192,10 +182,6 @@ |
3724 | { |
3725 | $SQL .= sprintf(" AND media.userid = %d ", $filter_userid); |
3726 | } |
3727 | - if ($shared != "all") |
3728 | - { |
3729 | - $SQL .= sprintf(" AND media.permissionID = %d ", $shared); |
3730 | - } |
3731 | //retired options |
3732 | if ($filter_retired == '1') |
3733 | { |
3734 | @@ -220,7 +206,7 @@ |
3735 | $msgType = __('Type'); |
3736 | $msgRetired = __('Retired'); |
3737 | $msgOwner = __('Owner'); |
3738 | - $msgShared = __('Shared'); |
3739 | + $msgShared = __('Permissions'); |
3740 | $msgAction = __('Action'); |
3741 | |
3742 | $output = <<<END |
3743 | @@ -231,83 +217,86 @@ |
3744 | <th>$msgName</th> |
3745 | <th>$msgType</th> |
3746 | <th>h:mi:ss</th> |
3747 | + <th>$msgOwner</th> |
3748 | <th>$msgShared</th> |
3749 | - <th>$msgOwner</th> |
3750 | <th>$msgAction</th> |
3751 | </tr> |
3752 | </thead> |
3753 | <tbody> |
3754 | END; |
3755 | |
3756 | - while ($aRow = $db->get_row($results)) |
3757 | - { |
3758 | - $mediaid = Kit::ValidateParam($aRow[0], _INT); |
3759 | - $media = Kit::ValidateParam($aRow[1], _STRING); |
3760 | - $mediatype = Kit::ValidateParam($aRow[2], _WORD); |
3761 | - $length = sec2hms(Kit::ValidateParam($aRow[3], _DOUBLE)); |
3762 | - $ownerid = Kit::ValidateParam($aRow[4], _INT); |
3763 | - |
3764 | - $permission = Kit::ValidateParam($aRow[5], _STRING); |
3765 | - $permissionid = Kit::ValidateParam($aRow[6], _INT); |
3766 | - |
3767 | - //get the username from the userID using the user module |
3768 | - $username = $user->getNameFromID($ownerid); |
3769 | - $group = $user->getGroupFromID($ownerid); |
3770 | - |
3771 | - //get the permissions |
3772 | - list($see_permissions , $edit_permissions) = $user->eval_permission($ownerid, $permissionid); |
3773 | - |
3774 | - if ($see_permissions) //is this user allowed to see this |
3775 | - { |
3776 | - if ($edit_permissions) |
3777 | - { |
3778 | - //double click action - depends on what type of media we are |
3779 | - $output .= <<<END |
3780 | - <tr href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid' ondblclick="XiboFormRender($(this).attr('href'))"> |
3781 | -END; |
3782 | - } |
3783 | - else |
3784 | - { |
3785 | - $output .= '<tr ondblclick="alert(' . __('You do not have permission to edit this media') . ')">'; |
3786 | - } |
3787 | - |
3788 | - $output .= "<td>$media</td>\n"; |
3789 | - $output .= "<td>$mediatype</td>\n"; |
3790 | - $output .= "<td>$length</td>\n"; |
3791 | - $output .= "<td>$permission</td>\n"; |
3792 | - $output .= "<td>$username</td>"; |
3793 | - |
3794 | - // ACTION buttons |
3795 | - if ($edit_permissions) |
3796 | - { |
3797 | - $msgEdit = __('Edit'); |
3798 | - $msgDelete = __('Delete'); |
3799 | - |
3800 | - $buttons = "<button class='XiboFormButton' title='$msgEdit' href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid'><span>$msgEdit</span></button>"; |
3801 | - $buttons .= "<button class='XiboFormButton' title='$msgDelete' href='index.php?p=module&mod=$mediatype&q=Exec&method=DeleteForm&mediaid=$mediaid'><span>$msgDelete</span></button>"; |
3802 | - } |
3803 | - else |
3804 | - { |
3805 | - $buttons = __("No available actions."); |
3806 | - } |
3807 | - |
3808 | - $output .= <<<END |
3809 | - <td> |
3810 | - <div class='buttons'> |
3811 | - $buttons |
3812 | - </div> |
3813 | - </td> |
3814 | -END; |
3815 | - |
3816 | - $output .= "</tr>\n"; |
3817 | - } |
3818 | - } |
3819 | + while ($aRow = $db->get_row($results)) |
3820 | + { |
3821 | + $mediaid = Kit::ValidateParam($aRow[0], _INT); |
3822 | + $media = Kit::ValidateParam($aRow[1], _STRING); |
3823 | + $mediatype = Kit::ValidateParam($aRow[2], _WORD); |
3824 | + $length = sec2hms(Kit::ValidateParam($aRow[3], _DOUBLE)); |
3825 | + $ownerid = Kit::ValidateParam($aRow[4], _INT); |
3826 | + |
3827 | + //get the username from the userID using the user module |
3828 | + $username = $user->getNameFromID($ownerid); |
3829 | + |
3830 | + $group = $this->GroupsForMedia($mediaid); |
3831 | + |
3832 | + // Permissions |
3833 | + $auth = $this->user->MediaAuth($mediaid, true); |
3834 | + |
3835 | + if ($auth->view) //is this user allowed to see this |
3836 | + { |
3837 | + if ($auth->edit) |
3838 | + { |
3839 | + //double click action - depends on what type of media we are |
3840 | + $output .= <<<END |
3841 | + <tr href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid' ondblclick="XiboFormRender($(this).attr('href'))"> |
3842 | +END; |
3843 | + } |
3844 | + else |
3845 | + { |
3846 | + $output .= '<tr ondblclick="alert(' . __('You do not have permission to edit this media') . ')">'; |
3847 | + } |
3848 | + |
3849 | + $output .= "<td>$media</td>\n"; |
3850 | + $output .= "<td>$mediatype</td>\n"; |
3851 | + $output .= "<td>$length</td>\n"; |
3852 | + $output .= "<td>$username</td>"; |
3853 | + $output .= "<td>$group</td>"; |
3854 | + |
3855 | + // ACTION buttons |
3856 | + if ($auth->edit) |
3857 | + { |
3858 | + $msgEdit = __('Edit'); |
3859 | + $msgDelete = __('Delete'); |
3860 | + |
3861 | + $buttons = "<button class='XiboFormButton' title='$msgEdit' href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid'><span>$msgEdit</span></button>"; |
3862 | + |
3863 | + if ($auth->del) |
3864 | + $buttons .= "<button class='XiboFormButton' title='$msgDelete' href='index.php?p=module&mod=$mediatype&q=Exec&method=DeleteForm&mediaid=$mediaid'><span>$msgDelete</span></button>"; |
3865 | + |
3866 | + if ($auth->modifyPermissions) |
3867 | + $buttons .= "<button class='XiboFormButton' title='$msgShared' href='index.php?p=module&mod=$mediatype&q=Exec&method=PermissionsForm&mediaid=$mediaid'><span>$msgShared</span></button>"; |
3868 | + } |
3869 | + else |
3870 | + { |
3871 | + $buttons = __("No available actions."); |
3872 | + } |
3873 | + |
3874 | + $output .= <<<END |
3875 | + <td> |
3876 | + <div class='buttons'> |
3877 | + $buttons |
3878 | + </div> |
3879 | + </td> |
3880 | +END; |
3881 | + |
3882 | + $output .= "</tr>\n"; |
3883 | + } |
3884 | + } |
3885 | |
3886 | $output .= "</tbody></table>\n</div>\n"; |
3887 | |
3888 | $response->SetGridResponse($output); |
3889 | - $response->Respond(); |
3890 | - } |
3891 | + $response->Respond(); |
3892 | + } |
3893 | |
3894 | /** |
3895 | * Display the forms |
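Review bot: The new `<td>$group</td>` cell prints the string built by `GroupsForMedia()` (added in the last hunk of this file), which concatenates group names straight from the database, so a group name containing markup would be rendered as HTML in the media grid. Encode it at output, for example `$output .= '<td>' . htmlspecialchars($group, ENT_QUOTES) . '</td>';`. Whether `Kit::ValidateParam(..., _STRING)` already encodes `$media` cannot be seen from here. The loop also calls `GroupsForMedia()` for every row before the `$auth->view` test, so that lookup could move inside the `if`. The enclosing function starts before this hunk.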
3896 | @@ -501,11 +490,8 @@ |
3897 | $SQL .= " media.name, "; |
3898 | $SQL .= " media.type, "; |
3899 | $SQL .= " media.duration, "; |
3900 | - $SQL .= " media.userID, "; |
3901 | - $SQL .= " permission.permission, "; |
3902 | - $SQL .= " media.permissionID "; |
3903 | + $SQL .= " media.userID "; |
3904 | $SQL .= "FROM media "; |
3905 | - $SQL .= "INNER JOIN permission ON permission.permissionID = media.permissionID "; |
3906 | $SQL .= "WHERE retired = 0 AND isEdited = 0 "; |
3907 | if($mediatype != "all") |
3908 | { |
3909 | @@ -528,7 +514,6 @@ |
3910 | $msgType = __('Type'); |
3911 | $msgLen = __('Duration'); |
3912 | $msgOwner = __('Owner'); |
3913 | - $msgShared = __('Shared'); |
3914 | $msgSelect = __('Select'); |
3915 | |
3916 | //some table headings |
3917 | @@ -543,7 +528,6 @@ |
3918 | <th>$msgName</th> |
3919 | <th>$msgType</th> |
3920 | <th>$msgLen</th> |
3921 | - <th>$msgShared</th> |
3922 | <th>$msgSelect</th> |
3923 | </tr> |
3924 | </thead> |
3925 | @@ -559,26 +543,21 @@ |
3926 | $length = sec2hms(Kit::ValidateParam($row[3], _DOUBLE)); |
3927 | $ownerid = Kit::ValidateParam($row[4], _INT); |
3928 | |
3929 | - $permission = Kit::ValidateParam($row[5], _STRING); |
3930 | - $permissionid = Kit::ValidateParam($row[6], _INT); |
3931 | - |
3932 | //get the username from the userID using the user module |
3933 | $username = $user->getNameFromID($ownerid); |
3934 | $group = $user->getGroupFromID($ownerid); |
3935 | |
3936 | - //get the permissions |
3937 | - list($see_permissions , $edit_permissions) = $user->eval_permission($ownerid, $permissionid); |
3938 | - |
3939 | - if ($see_permissions) |
3940 | - { //is this user allowed to see this |
3941 | + // Permissions |
3942 | + $auth = $this->user->MediaAuth($mediaid, true); |
3943 | |
3944 | - $form .= "<tr>"; |
3945 | - $form .= "<td>" . $media . "</td>\n"; |
3946 | - $form .= "<td>" . $mediatype . "</td>\n"; |
3947 | - $form .= "<td>" . $length . "</td>\n"; |
3948 | - $form .= "<td>" . $permission . "</td>\n"; |
3949 | - $form .= "<td><input type='checkbox' name='mediaids[]' value='$mediaid'></td>"; |
3950 | - $form .= "</tr>"; |
3951 | + if ($auth->view) //is this user allowed to see this |
3952 | + { |
3953 | + $form .= "<tr>"; |
3954 | + $form .= "<td>" . $media . "</td>\n"; |
3955 | + $form .= "<td>" . $mediatype . "</td>\n"; |
3956 | + $form .= "<td>" . $length . "</td>\n"; |
3957 | + $form .= "<td><input type='checkbox' name='mediaids[]' value='$mediaid'></td>"; |
3958 | + $form .= "</tr>"; |
3959 | } |
3960 | } |
3961 | |
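Review bot: `$username` and `$group = $user->getGroupFromID($ownerid)` are still looked up for every row, but the rows built in this hunk print neither value. If nothing earlier in the loop uses them (the loop starts before this hunk), both calls can be removed, which saves two lookups per media item. The `$auth->view` filter itself reads fine.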
3962 | @@ -674,5 +653,42 @@ |
3963 | Debug::LogEntry($db, "audit", "[OUT]", "FileUpload"); |
3964 | exit; |
3965 | } |
3966 | + |
3967 | + /** |
3968 | + * Get a list of group names for a layout |
3969 | + * @param <type> $layoutId |
3970 | + * @return <type> |
3971 | + */ |
3972 | + private function GroupsForMedia($mediaId) |
3973 | + { |
3974 | + $db =& $this->db; |
3975 | + |
3976 | + $SQL = ''; |
3977 | + $SQL .= 'SELECT `group`.Group '; |
3978 | + $SQL .= ' FROM `group` '; |
3979 | + $SQL .= ' INNER JOIN lkmediagroup '; |
3980 | + $SQL .= ' ON `group`.GroupID = lkmediagroup.GroupID '; |
3981 | + $SQL .= ' WHERE lkmediagroup.MediaID = %d '; |
3982 | + |
3983 | + $SQL = sprintf($SQL, $mediaId); |
3984 | + |
3985 | + if (!$results = $db->query($SQL)) |
3986 | + { |
3987 | + trigger_error($db->error()); |
3988 | + trigger_error(__('Unable to get group information for media'), E_USER_ERROR); |
3989 | + } |
3990 | + |
3991 | + $groups = ''; |
3992 | + |
3993 | + while ($row = $db->get_assoc_row($results)) |
3994 | + { |
3995 | + $groups .= $row['Group'] . ', '; |
3996 | + } |
3997 | + |
3998 | + $groups = trim($groups); |
3999 | + $groups = trim($groups, ','); |
4000 | + |
4001 | + return $groups; |
4002 | + } |
4003 | } |
4004 | ?> |
4005 | \ No newline at end of file |
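Review bot: The docblock on `GroupsForMedia()` appears to have been copied from a layout equivalent: it says "for a layout" and documents `$layoutId`, while the parameter is `$mediaId`. Suggested text: `* Get a comma separated list of the group names linked to a media item`, `* @param int $mediaId`, `* @return string`. It is also worth stating there that the names are returned unencoded, so callers must HTML-encode them before output.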
4006 | |
4007 | === added file 'server/lib/pages/dataset.class.php' |
4008 | --- server/lib/pages/dataset.class.php 1970-01-01 00:00:00 +0000 |
4009 | +++ server/lib/pages/dataset.class.php 2011-08-18 23:36:27 +0000 |
4010 | @@ -0,0 +1,1022 @@ |
4011 | +<?php |
4012 | +/* |
4013 | + * Xibo - Digitial Signage - http://www.xibo.org.uk |
4014 | + * Copyright (C) 2011 Daniel Garner |
4015 | + * |
4016 | + * This file is part of Xibo. |
4017 | + * |
4018 | + * Xibo is free software: you can redistribute it and/or modify |
4019 | + * it under the terms of the GNU Affero General Public License as published by |
4020 | + * the Free Software Foundation, either version 3 of the License, or |
4021 | + * any later version. |
4022 | + * |
4023 | + * Xibo is distributed in the hope that it will be useful, |
4024 | + * but WITHOUT ANY WARRANTY; without even the implied warranty of |
4025 | + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
4026 | + * GNU Affero General Public License for more details. |
4027 | + * |
4028 | + * You should have received a copy of the GNU Affero General Public License |
4029 | + * along with Xibo. If not, see <http://www.gnu.org/licenses/>. |
4030 | + */ |
4031 | +defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.'); |
4032 | + |
4033 | +class datasetDAO |
4034 | +{ |
4035 | + private $db; |
4036 | + private $user; |
4037 | + |
4038 | + function __construct(database $db, user $user) |
4039 | + { |
4040 | + $this->db =& $db; |
4041 | + $this->user =& $user; |
4042 | + |
4043 | + Kit::ClassLoader('dataset'); |
4044 | + Kit::ClassLoader('datasetcolumn'); |
4045 | + Kit::ClassLoader('datasetdata'); |
4046 | + } |
4047 | + |
4048 | + function on_page_load() |
4049 | + { |
4050 | + return ""; |
4051 | + } |
4052 | + |
4053 | + function echo_page_heading() |
4054 | + { |
4055 | + echo __("Layouts"); |
4056 | + return true; |
4057 | + } |
4058 | + |
4059 | + function displayPage() |
4060 | + { |
4061 | + require('template/pages/dataset_view.php'); |
4062 | + } |
4063 | + |
4064 | + public function DataSetFilter() |
4065 | + { |
4066 | + $id = uniqid(); |
4067 | + |
4068 | + $xiboGrid = <<<HTML |
4069 | + <div class="XiboGrid" id="$id"> |
4070 | + <div class="XiboFilter"> |
4071 | + <form onsubmit="return false"> |
4072 | + <input type="hidden" name="p" value="dataset"> |
4073 | + <input type="hidden" name="q" value="DataSetGrid"> |
4074 | + </form> |
4075 | + </div> |
4076 | + <div class="XiboData"> |
4077 | + |
4078 | + </div> |
4079 | + </div> |
4080 | +HTML; |
4081 | + echo $xiboGrid; |
4082 | + } |
4083 | + |
4084 | + public function DataSetGrid() |
4085 | + { |
4086 | + $db =& $this->db; |
4087 | + $user =& $this->user; |
4088 | + $response = new ResponseManager(); |
4089 | + |
4090 | + $msgEdit = __('Edit'); |
4091 | + $msgDelete = __('Delete'); |
4092 | + $msgPermissions = __('Permissions'); |
4093 | + |
4094 | + $output = <<<END |
4095 | + <div class="info_table"> |
4096 | + <table style="width:100%"> |
4097 | + <thead> |
4098 | + <tr> |
4099 | + <th>Name</th> |
4100 | + <th>Description</th> |
4101 | + <th>Owner</th> |
4102 | + <th>$msgPermissions</th> |
4103 | + <th>Action</th> |
4104 | + </tr> |
4105 | + </thead> |
4106 | + <tbody> |
4107 | +END; |
4108 | + |
4109 | + foreach($this->user->DataSetList() as $dataSet) |
4110 | + { |
4111 | + $auth = $user->DataSetAuth($dataSet['datasetid'], true); |
4112 | + $owner = $user->getNameFromID($dataSet['ownerid']); |
4113 | + $groups = $this->GroupsForDataSet($dataSet['datasetid']); |
4114 | + |
4115 | + $output .= '<tr>'; |
4116 | + $output .= ' <td>' . $dataSet['dataset'] . '</td>'; |
4117 | + $output .= ' <td>' . $dataSet['description'] . '</td>'; |
4118 | + $output .= ' <td>' . $owner . '</td>'; |
4119 | + $output .= ' <td>' . $groups . '</td>'; |
4120 | + $output .= ' <td>'; |
4121 | + |
4122 | + if ($auth->edit) |
4123 | + { |
4124 | + $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=DataSetDataForm&datasetid=' . $dataSet['datasetid'] . '&dataset=' . $dataSet['dataset'] . '"><span>' . __('View Data') . '</span></button>'; |
4125 | + $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSet['datasetid'] . '&dataset=' . $dataSet['dataset'] . '"><span>' . __('View Columns') . '</span></button>'; |
4126 | + $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=EditDataSetForm&datasetid=' . $dataSet['datasetid'] . '"><span>' . $msgEdit . '</span></button>'; |
4127 | + } |
4128 | + |
4129 | + if ($auth->del) |
4130 | + $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=DeleteDataSetForm&datasetid=' . $dataSet['datasetid'] . '"><span>' . $msgDelete . '</span></button>'; |
4131 | + |
4132 | + if ($auth->modifyPermissions) |
4133 | + $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=PermissionsForm&datasetid=' . $dataSet['datasetid'] . '"><span>' . $msgPermissions . '</span></button>'; |
4134 | + |
4135 | + $output .= ' </td>'; |
4136 | + $output .= '</tr>'; |
4137 | + } |
4138 | + |
4139 | + $output .= '</tbody></table></div>'; |
4140 | + $response->SetGridResponse($output); |
4141 | + $response->Respond(); |
4142 | + } |
4143 | + |
4144 | + public function AddDataSetForm() |
4145 | + { |
4146 | + $db =& $this->db; |
4147 | + $user =& $this->user; |
4148 | + $response = new ResponseManager(); |
4149 | + |
4150 | + $helpManager = new HelpManager($db, $user); |
4151 | + |
4152 | + $msgName = __('Name'); |
4153 | + $msgDesc = __('Description'); |
4154 | + |
4155 | + $form = <<<END |
4156 | + <form id="AddDataSetForm" class="XiboForm" method="post" action="index.php?p=dataset&q=AddDataSet"> |
4157 | + <table> |
4158 | + <tr> |
4159 | + <td><label for="dataset" accesskey="n">$msgName<span class="required">*</span></label></td> |
4160 | + <td><input name="dataset" class="required" type="text" id="dataset" tabindex="1" /></td> |
4161 | + </tr> |
4162 | + <tr> |
4163 | + <td><label for="description" accesskey="d">$msgDesc</label></td> |
4164 | + <td><input name="description" type="text" id="description" tabindex="2" /></td> |
4165 | + </tr> |
4166 | + </table> |
4167 | + </form> |
4168 | +END; |
4169 | + |
4170 | + |
4171 | + $response->SetFormRequestResponse($form, __('Add DataSet'), '350px', '275px'); |
4172 | + $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Add') . '")'); |
4173 | + $response->AddButton(__('Cancel'), 'XiboDialogClose()'); |
4174 | + $response->AddButton(__('Add'), '$("#AddDataSetForm").submit()'); |
4175 | + $response->Respond(); |
4176 | + } |
4177 | + |
4178 | + /** |
4179 | + * Add a dataset |
4180 | + */ |
4181 | + public function AddDataSet() |
4182 | + { |
4183 | + $db =& $this->db; |
4184 | + $user =& $this->user; |
4185 | + $response = new ResponseManager(); |
4186 | + |
4187 | + $dataSet = Kit::GetParam('dataset', _POST, _STRING); |
4188 | + $description = Kit::GetParam('description', _POST, _STRING); |
4189 | + |
4190 | + $dataSetObject = new DataSet($db); |
4191 | + if (!$dataSetId = $dataSetObject->Add($dataSet, $description, $this->user->userid)) |
4192 | + trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); |
4193 | + |
4194 | + // Also add one column |
4195 | + $dataSetColumn = new DataSetColumn($db); |
4196 | + $dataSetColumn->Add($dataSetId, 'Col1', 1, null, 1); |
4197 | + |
4198 | + $response->SetFormSubmitResponse(__('DataSet Added')); |
4199 | + $response->Respond(); |
4200 | + } |
4201 | + |
4202 | + public function EditDataSetForm() |
4203 | + { |
4204 | + $db =& $this->db; |
4205 | + $user =& $this->user; |
4206 | + $response = new ResponseManager(); |
4207 | + |
4208 | + $helpManager = new HelpManager($db, $user); |
4209 | + |
4210 | + $dataSetId = Kit::GetParam('datasetid', _GET, _INT); |
4211 | + |
4212 | + $auth = $user->DataSetAuth($dataSetId, true); |
4213 | + if (!$auth->edit) |
4214 | + trigger_error(__('Access Denied')); |
4215 | + |
4216 | + // Get the information we already know |
4217 | + $SQL = sprintf("SELECT DataSet, Description FROM dataset WHERE DataSetID = %d", $dataSetId); |
4218 | + |
4219 | + if (!$row = $db->GetSingleRow($SQL)) |
4220 | + trigger_error(__('Unable to get DataSet information')); |
4221 | + |
4222 | + $dataSet = $row['DataSet']; |
4223 | + $description = $row['Description']; |
4224 | + |
4225 | + $msgName = __('Name'); |
4226 | + $msgDesc = __('Description'); |
4227 | + |
4228 | + $form = <<<END |
4229 | + <form id="EditDataSetForm" class="XiboForm" method="post" action="index.php?p=dataset&q=EditDataSet"> |
4230 | + <input type="hidden" name="datasetid" value="$dataSetId" /> |
4231 | + <table> |
4232 | + <tr> |
4233 | + <td><label for="dataset" accesskey="n">$msgName<span class="required">*</span></label></td> |
4234 | + <td><input name="dataset" class="required" type="text" id="dataset" tabindex="1" value="$dataSet" /></td> |
4235 | + </tr> |
4236 | + <tr> |
4237 | + <td><label for="description" accesskey="d">$msgDesc</label></td> |
4238 | + <td><input name="description" type="text" id="description" tabindex="2" value="$description" /></td> |
4239 | + </tr> |
4240 | + </table> |
4241 | + </form> |
4242 | +END; |
4243 | + |
4244 | + |
4245 | + $response->SetFormRequestResponse($form, __('Edit DataSet'), '350px', '275px'); |
4246 | + $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Add') . '")'); |
4247 | + $response->AddButton(__('Cancel'), 'XiboDialogClose()'); |
4248 | + $response->AddButton(__('Edit'), '$("#EditDataSetForm").submit()'); |
4249 | + $response->Respond(); |
4250 | + } |
4251 | + |
4252 | + public function EditDataSet() |
4253 | + { |
4254 | + $db =& $this->db; |
4255 | + $user =& $this->user; |
4256 | + $response = new ResponseManager(); |
4257 | + |
4258 | + $dataSetId = Kit::GetParam('datasetid', _POST, _INT); |
4259 | + |
4260 | + $auth = $user->DataSetAuth($dataSetId, true); |
4261 | + if (!$auth->edit) |
4262 | + trigger_error(__('Access Denied')); |
4263 | + |
4264 | + $dataSet = Kit::GetParam('dataset', _POST, _STRING); |
4265 | + $description = Kit::GetParam('description', _POST, _STRING); |
4266 | + |
4267 | + $dataSetObject = new DataSet($db); |
4268 | + if (!$dataSetObject->Edit($dataSetId, $dataSet, $description)) |
4269 | + trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); |
4270 | + |
4271 | + $response->SetFormSubmitResponse(__('DataSet Edited')); |
4272 | + $response->Respond(); |
4273 | + } |
4274 | + |
4275 | + /** |
4276 | + * Return the Delete Form as HTML |
4277 | + * @return |
4278 | + */ |
4279 | + public function DeleteDataSetForm() |
4280 | + { |
4281 | + $db =& $this->db; |
4282 | + $response = new ResponseManager(); |
4283 | + $helpManager = new HelpManager($db, $this->user); |
4284 | + |
4285 | + $dataSetId = Kit::GetParam('datasetid', _GET, _INT); |
4286 | + |
4287 | + $auth = $this->user->DataSetAuth($dataSetId, true); |
4288 | + if (!$auth->del) |
4289 | + trigger_error(__('Access Denied')); |
4290 | + |
4291 | + // Translate messages |
4292 | + $msgDelete = __('Are you sure you want to delete this DataSet?'); |
4293 | + $msgYes = __('Yes'); |
4294 | + $msgNo = __('No'); |
4295 | + |
4296 | + //we can delete |
4297 | + $form = <<<END |
4298 | + <form id="DataSetDeleteForm" class="XiboForm" method="post" action="index.php?p=dataset&q=DeleteDataSet"> |
4299 | + <input type="hidden" name="datasetid" value="$dataSetId"> |
4300 | + <p>$msgDelete</p> |
4301 | + </form> |
4302 | +END; |
4303 | + |
4304 | + $response->SetFormRequestResponse($form, __('Delete this DataSet?'), '350px', '200px'); |
4305 | + $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Delete') . '")'); |
4306 | + $response->AddButton(__('Cancel'), 'XiboDialogClose()'); |
4307 | + $response->AddButton(__('Delete'), '$("#DataSetDeleteForm").submit()'); |
4308 | + $response->Respond(); |
4309 | + } |
4310 | + |
4311 | + public function DeleteDataSet() |
4312 | + { |
4313 | + $db =& $this->db; |
4314 | + $user =& $this->user; |
4315 | + $response = new ResponseManager(); |
4316 | + |
4317 | + $dataSetId = Kit::GetParam('datasetid', _POST, _INT); |
4318 | + |
4319 | + $auth = $user->DataSetAuth($dataSetId, true); |
4320 | + if (!$auth->del) |
4321 | + trigger_error(__('Access Denied')); |
4322 | + |
4323 | + $dataSetObject = new DataSet($db); |
4324 | + if (!$dataSetObject->Delete($dataSetId)) |
4325 | + trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); |
4326 | + |
4327 | + $response->SetFormSubmitResponse(__('DataSet Deleted')); |
4328 | + $response->Respond(); |
4329 | + } |
4330 | + |
4331 | + public function DataSetColumnsForm() |
4332 | + { |
4333 | + $db =& $this->db; |
4334 | + $response = new ResponseManager(); |
4335 | + $helpManager = new HelpManager($db, $this->user); |
4336 | + |
4337 | + $dataSetId = Kit::GetParam('datasetid', _GET, _INT); |
4338 | + $dataSet = Kit::GetParam('dataset', _GET, _STRING); |
4339 | + |
4340 | + $auth = $this->user->DataSetAuth($dataSetId, true); |
4341 | + if (!$auth->edit) |
4342 | + trigger_error(__('Access Denied')); |
4343 | + |
4344 | + $msgEdit = __('Edit'); |
4345 | + $msgDelete = __('Delete'); |
4346 | + |
4347 | + $form = <<<END |
4348 | + <div class="info_table"> |
4349 | + <table style="width:100%"> |
4350 | + <thead> |
4351 | + <tr> |
4352 | + <th>Heading</th> |
4353 | + <th>Data Type</th> |
4354 | + <th>List Content</th> |
4355 | + <th>Column Order</th> |
4356 | + <th>Action</th> |
4357 | + </tr> |
4358 | + </thead> |
4359 | + <tbody> |
4360 | +END; |
4361 | + |
4362 | + $SQL = ""; |
4363 | + $SQL .= "SELECT DataSetColumnID, Heading, DataTypeID, ListContent, ColumnOrder "; |
4364 | + $SQL .= " FROM datasetcolumn "; |
4365 | + $SQL .= sprintf(" WHERE DataSetID = %d ", $dataSetId); |
4366 | + $SQL .= "ORDER BY ColumnOrder "; |
4367 | + |
4368 | + if (!$results = $db->query($SQL)) |
4369 | + trigger_error(__('Unable to get columns for DataSet')); |
4370 | + |
4371 | + while ($row = $db->get_assoc_row($results)) |
4372 | + { |
4373 | + $form .= '<tr>'; |
4374 | + $form .= ' <td>' . $row['Heading'] . '</td>'; |
4375 | + $form .= ' <td>String</td>'; |
4376 | + $form .= ' <td>' . $row['ListContent'] . '</td>'; |
4377 | + $form .= ' <td>' . $row['ColumnOrder'] . '</td>'; |
4378 | + $form .= ' <td>'; |
4379 | + $form .= ' <button class="XiboFormButton" href="index.php?p=dataset&q=EditDataSetColumnForm&datasetid=' . $dataSetId . '&datasetcolumnid=' . $row['DataSetColumnID'] . '&dataset=' . $dataSet . '"><span>' . $msgEdit . '</span></button>'; |
4380 | + |
4381 | + if ($auth->del) |
4382 | + $form .= ' <button class="XiboFormButton" href="index.php?p=dataset&q=DeleteDataSetColumnForm&datasetid=' . $dataSetId . '&datasetcolumnid=' . $row['DataSetColumnID'] . '&dataset=' . $dataSet . '"><span>' . $msgDelete . '</span></button>'; |
4383 | + |
4384 | + $form .= ' </td>'; |
4385 | + $form .= '</tr>'; |
4386 | + } |
4387 | + |
4388 | + $form .= '</tbody></table></div>'; |
4389 | + |
4390 | + $response->SetFormRequestResponse($form, sprintf(__('Columns for %s'), $dataSet), '550px', '400px'); |
4391 | + $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'ViewColumns') . '")'); |
4392 | + $response->AddButton(__('Close'), 'XiboDialogClose()'); |
4393 | + $response->AddButton(__('Add Column'), 'XiboFormRender("index.php?p=dataset&q=AddDataSetColumnForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")'); |
4394 | + $response->Respond(); |
4395 | + } |
4396 | + |
4397 | + public function AddDataSetColumnForm() |
4398 | + { |
4399 | + $db =& $this->db; |
4400 | + $response = new ResponseManager(); |
4401 | + $helpManager = new HelpManager($db, $this->user); |
4402 | + |
4403 | + $dataSetId = Kit::GetParam('datasetid', _GET, _INT); |
4404 | + $dataSet = Kit::GetParam('dataset', _GET, _STRING); |
4405 | + |
4406 | + $auth = $this->user->DataSetAuth($dataSetId, true); |
4407 | + if (!$auth->edit) |
4408 | + trigger_error(__('Access Denied')); |
4409 | + |
4410 | + $msgHeading = __('Heading'); |
4411 | + $msgListContent = __('List Content'); |
4412 | + $msgColumnOrder = __('Column Order'); |
4413 | + |
4414 | + $form = <<<END |
4415 | + <form id="DataSetColumnEditForm" class="XiboForm" method="post" action="index.php?p=dataset&q=AddDataSetColumn"> |
4416 | + <input type="hidden" name="dataset" value="$dataSet" /> |
4417 | + <input type="hidden" name="datasetid" value="$dataSetId" /> |
4418 | + <table> |
4419 | + <tr> |
4420 | + <td><label for="heading" accesskey="h">$msgHeading<span class="required">*</span></label></td> |
4421 | + <td><input name="heading" class="required" type="text" id="heading" tabindex="1" /></td> |
4422 | + </tr> |
4423 | + <tr> |
4424 | + <td><label for="listcontent" accesskey="l">$msgListContent</label></td> |
4425 | + <td><input name="listcontent" type="text" id="listcontent" tabindex="2" /></td> |
4426 | + </tr> |
4427 | + <tr> |
4428 | + <td><label for="columnorder" accesskey="c">$msgColumnOrder</label></td> |
4429 | + <td><input name="columnorder" type="text" id="columnorder" tabindex="3" /></td> |
4430 | + </tr> |
4431 | + </table> |
4432 | + </form> |
4433 | +END; |
4434 | + |
4435 | + $response->SetFormRequestResponse($form, __('Add Column'), '450px', '400px'); |
4436 | + $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'EditColumn') . '")'); |
4437 | + $response->AddButton(__('Cancel'), 'XiboFormRender("index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")'); |
4438 | + $response->AddButton(__('Save'), '$("#DataSetColumnEditForm").submit()'); |
4439 | + $response->Respond(); |
4440 | + } |
4441 | + |
4442 | + public function AddDataSetColumn() |
4443 | + { |
4444 | + $db =& $this->db; |
4445 | + $user =& $this->user; |
4446 | + $response = new ResponseManager(); |
4447 | + |
4448 | + $dataSetId = Kit::GetParam('datasetid', _POST, _INT); |
4449 | + $dataSet = Kit::GetParam('dataset', _POST, _STRING); |
4450 | + |
4451 | + $auth = $user->DataSetAuth($dataSetId, true); |
4452 | + if (!$auth->edit) |
4453 | + trigger_error(__('Access Denied')); |
4454 | + |
4455 | + $heading = Kit::GetParam('heading', _POST, _WORD); |
4456 | + $listContent = Kit::GetParam('listcontent', _POST, _STRING); |
4457 | + $columnOrder = Kit::GetParam('columnorder', _POST, _INT); |
4458 | + |
4459 | + $dataSetObject = new DataSetColumn($db); |
4460 | + if (!$dataSetObject->Add($dataSetId, $heading, 1, $listContent)) |
4461 | + trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); |
4462 | + |
4463 | + $response->SetFormSubmitResponse(__('Column Edited')); |
4464 | + $response->hideMessage = true; |
4465 | + $response->loadForm = true; |
4466 | + $response->loadFormUri = 'index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet; |
4467 | + $response->Respond(); |
4468 | + } |
4469 | + |
4470 | + public function EditDataSetColumnForm() |
4471 | + { |
4472 | + $db =& $this->db; |
4473 | + $response = new ResponseManager(); |
4474 | + $helpManager = new HelpManager($db, $this->user); |
4475 | + |
4476 | + $dataSetId = Kit::GetParam('datasetid', _GET, _INT); |
4477 | + $dataSetColumnId = Kit::GetParam('datasetcolumnid', _GET, _INT); |
4478 | + $dataSet = Kit::GetParam('dataset', _GET, _STRING); |
4479 | + |
4480 | + $auth = $this->user->DataSetAuth($dataSetId, true); |
4481 | + if (!$auth->edit) |
4482 | + trigger_error(__('Access Denied')); |
4483 | + |
4484 | + // Get some information about this data set column |
4485 | + $SQL = sprintf("SELECT Heading, ListContent, ColumnOrder FROM datasetcolumn WHERE DataSetColumnID = %d", $dataSetColumnId); |
4486 | + |
4487 | + if (!$row = $db->GetSingleRow($SQL)) |
4488 | + trigger_error(__('Unabled to get Data Column information'), E_USER_ERROR); |
4489 | + |
4490 | + $heading = Kit::ValidateParam($row['Heading'], _WORD); |
4491 | + $listContent = Kit::ValidateParam($row['ListContent'], _STRING); |
4492 | + $columnOrder = Kit::ValidateParam($row['ColumnOrder'], _INT); |
4493 | + |
4494 | + $msgHeading = __('Heading'); |
4495 | + $msgListContent = __('List Content'); |
4496 | + $msgColumnOrder = __('Column Order'); |
4497 | + |
4498 | + $form = <<<END |
4499 | + <form id="DataSetColumnEditForm" class="XiboForm" method="post" action="index.php?p=dataset&q=EditDataSetColumn"> |
4500 | + <input type="hidden" name="dataset" value="$dataSet" /> |
4501 | + <input type="hidden" name="datasetid" value="$dataSetId" /> |
4502 | + <input type="hidden" name="datasetcolumnid" value="$dataSetColumnId" /> |
4503 | + <table> |
4504 | + <tr> |
4505 | + <td><label for="heading" accesskey="h">$msgHeading<span class="required">*</span></label></td> |
4506 | + <td><input name="heading" class="required" type="text" id="heading" tabindex="1" value="$heading" /></td> |
4507 | + </tr> |
4508 | + <tr> |
4509 | + <td><label for="listcontent" accesskey="l">$msgListContent</label></td> |
4510 | + <td><input name="listcontent" type="text" id="listcontent" tabindex="2" value="$listContent" /></td> |
4511 | + </tr> |
4512 | + <tr> |
4513 | + <td><label for="columnorder" accesskey="c">$msgColumnOrder</label></td> |
4514 | + <td><input name="columnorder" type="text" id="columnorder" tabindex="3" value="$columnOrder" /></td> |
4515 | + </tr> |
4516 | + </table> |
4517 | + </form> |
4518 | +END; |
4519 | + |
4520 | + $response->SetFormRequestResponse($form, __('Edit Column'), '450px', '400px'); |
4521 | + $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'EditColumn') . '")'); |
4522 | + $response->AddButton(__('Cancel'), 'XiboFormRender("index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")'); |
4523 | + $response->AddButton(__('Save'), '$("#DataSetColumnEditForm").submit()'); |
4524 | + $response->Respond(); |
4525 | + } |
4526 | + |
4527 | + public function EditDataSetColumn() |
4528 | + { |
4529 | + $db =& $this->db; |
4530 | + $user =& $this->user; |
4531 | + $response = new ResponseManager(); |
4532 | + |
4533 | + $dataSetId = Kit::GetParam('datasetid', _POST, _INT); |
4534 | + $dataSet = Kit::GetParam('dataset', _POST, _STRING); |
4535 | + |
4536 | + $auth = $user->DataSetAuth($dataSetId, true); |
4537 | + if (!$auth->edit) |
4538 | + trigger_error(__('Access Denied')); |
4539 | + |
4540 | + $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT); |
4541 | + $heading = Kit::GetParam('heading', _POST, _WORD); |
4542 | + $listContent = Kit::GetParam('listcontent', _POST, _STRING); |
4543 | + $columnOrder = Kit::GetParam('columnorder', _POST, _INT); |
4544 | + |
4545 | + $dataSetObject = new DataSetColumn($db); |
4546 | + if (!$dataSetObject->Edit($dataSetColumnId, $heading, 1, $listContent, $columnOrder)) |
4547 | + trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); |
4548 | + |
4549 | + $response->SetFormSubmitResponse(__('Column Edited')); |
4550 | + $response->hideMessage = true; |
4551 | + $response->loadForm = true; |
4552 | + $response->loadFormUri = 'index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet; |
4553 | + $response->Respond(); |
4554 | + } |
4555 | + |
4556 | + public function DeleteDataSetColumnForm() |
4557 | + { |
4558 | + $db =& $this->db; |
4559 | + $response = new ResponseManager(); |
4560 | + $helpManager = new HelpManager($db, $this->user); |
4561 | + |
4562 | + $dataSetId = Kit::GetParam('datasetid', _GET, _INT); |
4563 | + $dataSet = Kit::GetParam('dataset', _GET, _STRING); |
4564 | + |
4565 | + $auth = $this->user->DataSetAuth($dataSetId, true); |
4566 | + if (!$auth->edit) |
4567 | + trigger_error(__('Access Denied')); |
4568 | + |
4569 | + $dataSetColumnId = Kit::GetParam('datasetcolumnid', _GET, _INT); |
4570 | + |
4571 | + $auth = $this->user->DataSetAuth($dataSetId, true); |
4572 | + if (!$auth->del) |
4573 | + trigger_error(__('Access Denied')); |
4574 | + |
4575 | + // Translate messages |
4576 | + $msgDelete = __('Are you sure you want to delete this Column?'); |
4577 | + $msgYes = __('Yes'); |
4578 | + $msgNo = __('No'); |
4579 | + |
4580 | + //we can delete |
4581 | + $form = <<<END |
4582 | + <form id="DataSetColumnDeleteForm" class="XiboForm" method="post" action="index.php?p=dataset&q=DeleteDataSetColumn"> |
4583 | + <input type="hidden" name="datasetid" value="$dataSetId"> |
4584 | + <input type="hidden" name="dataset" value="$dataSet"> |
4585 | + <input type="hidden" name="datasetcolumnid" value="$dataSetColumnId"> |
4586 | + <p>$msgDelete</p> |
4587 | + </form> |
4588 | +END; |
4589 | + |
4590 | + $response->SetFormRequestResponse($form, __('Delete this Column?'), '350px', '200px'); |
4591 | + $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'DeleteColumn') . '")'); |
4592 | + $response->AddButton(__('Cancel'), 'XiboFormRender("index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")'); |
4593 | + $response->AddButton(__('Delete'), '$("#DataSetColumnDeleteForm").submit()'); |
4594 | + $response->Respond(); |
4595 | + } |
4596 | + |
4597 | + public function DeleteDataSetColumn() |
4598 | + { |
4599 | + $db =& $this->db; |
4600 | + $user =& $this->user; |
4601 | + $response = new ResponseManager(); |
4602 | + |
4603 | + $dataSetId = Kit::GetParam('datasetid', _POST, _INT); |
4604 | + $dataSet = Kit::GetParam('dataset', _POST, _STRING); |
4605 | + |
4606 | + $auth = $this->user->DataSetAuth($dataSetId, true); |
4607 | + if (!$auth->edit) |
4608 | + trigger_error(__('Access Denied')); |
4609 | + |
4610 | + $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT); |
4611 | + |
4612 | + $dataSetObject = new DataSetColumn($db); |
4613 | + if (!$dataSetObject->Delete($dataSetColumnId)) |
4614 | + trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); |
4615 | + |
4616 | + $response->SetFormSubmitResponse(__('Column Deleted')); |
4617 | + $response->hideMessage = true; |
4618 | + $response->loadForm = true; |
4619 | + $response->loadFormUri = 'index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet; |
4620 | + $response->Respond(); |
4621 | + } |
4622 | + |
4623 | + public function DataSetDataForm() |
4624 | + { |
4625 | + $db =& $this->db; |
4626 | + $response = new ResponseManager(); |
4627 | + $helpManager = new HelpManager($db, $this->user); |
4628 | + |
4629 | + $dataSetId = Kit::GetParam('datasetid', _GET, _INT); |
4630 | + $dataSet = Kit::GetParam('dataset', _GET, _STRING); |
4631 | + |
4632 | + $auth = $this->user->DataSetAuth($dataSetId, true); |
4633 | + if (!$auth->edit) |
4634 | + trigger_error(__('Access Denied')); |
4635 | + |
4636 | + // Get the max number of rows |
4637 | + $SQL = ""; |
4638 | + $SQL .= "SELECT MAX(RowNumber) AS RowNumber, COUNT(DISTINCT datasetcolumn.DataSetColumnID) AS ColNumber "; |
4639 | + $SQL .= " FROM datasetdata "; |
4640 | + $SQL .= " RIGHT OUTER JOIN datasetcolumn "; |
4641 | + $SQL .= " ON datasetcolumn.DataSetColumnID = datasetdata.DataSetColumnID "; |
4642 | + $SQL .= sprintf("WHERE datasetcolumn.DataSetID = %d ", $dataSetId); |
4643 | + |
4644 | + Debug::LogEntry($db, 'audit', $SQL, 'dataset', 'DataSetDataForm'); |
4645 | + |
4646 | + if (!$maxResult = $db->GetSingleRow($SQL)) |
4647 | + { |
4648 | + trigger_error($db->error()); |
4649 | + trigger_error(__('Unable to find the number of data points'), E_USER_ERROR); |
4650 | + } |
4651 | + |
4652 | + $maxRows = $maxResult['RowNumber']; |
4653 | + $maxCols = $maxResult['ColNumber']; |
4654 | + |
4655 | + // Get some information about the columns in this dataset |
4656 | + $SQL = "SELECT Heading, DataSetColumnID, ListContent, ColumnOrder FROM datasetcolumn WHERE DataSetID = %d "; |
4657 | + $SQL .= "ORDER BY ColumnOrder "; |
4658 | + |
4659 | + if (!$results = $db->query(sprintf($SQL, $dataSetId))) |
4660 | + { |
4661 | + trigger_error($db->error()); |
4662 | + trigger_error(__('Unable to find the column headings'), E_USER_ERROR); |
4663 | + } |
4664 | + |
4665 | + $columnDefinition = array(); |
4666 | + |
4667 | + $form = '<div class="info_table">'; |
4668 | + $form .= '<table style="width:100%">'; |
4669 | + $form .= ' <tr>'; |
4670 | + $form .= ' <th>' . __('Row Number') . '</th>'; |
4671 | + |
4672 | + while ($row = $db->get_assoc_row($results)) |
4673 | + { |
4674 | + $columnDefinition[] = $row; |
4675 | + $heading = $row['Heading']; |
4676 | + |
4677 | + $form .= ' <th>' . $heading . '</th>'; |
4678 | + } |
4679 | + |
4680 | + $form .= '</tr>'; |
4681 | + |
4682 | + // Loop through the max rows |
4683 | + for ($row = 1; $row <= $maxRows + 2; $row++) |
4684 | + { |
4685 | + $form .= '<tr>'; |
4686 | + $form .= ' <td>' . $row . '</td>'; |
4687 | + |
4688 | + // $row is the current row |
4689 | + for ($col = 0; $col < $maxCols; $col++) |
4690 | + { |
4691 | + $dataSetColumnId = $columnDefinition[$col]['DataSetColumnID']; |
4692 | + $listContent = $columnDefinition[$col]['ListContent']; |
4693 | + $columnOrder = $columnDefinition[$col]['ColumnOrder']; |
4694 | + |
4695 | + // Value for this Col/Row |
4696 | + $value = ''; |
4697 | + |
4698 | + if ($row <= $maxRows) |
4699 | + { |
4700 | + // This is intended to be a blank row |
4701 | + $SQL = ""; |
4702 | + $SQL .= "SELECT Value "; |
4703 | + $SQL .= " FROM datasetdata "; |
4704 | + $SQL .= "WHERE datasetdata.RowNumber = %d "; |
4705 | + $SQL .= " AND datasetdata.DataSetColumnID = %d "; |
4706 | + $SQL = sprintf($SQL, $row, $dataSetColumnId); |
4707 | + |
4708 | + Debug::LogEntry($db, 'audit', $SQL, 'dataset'); |
4709 | + |
4710 | + if (!$results = $db->query($SQL)) |
4711 | + { |
4712 | + trigger_error($db->error()); |
4713 | + trigger_error(__('Can not get the data row/column'), E_USER_ERROR); |
4714 | + } |
4715 | + |
4716 | + if ($db->num_rows($results) == 0) |
4717 | + { |
4718 | + $value = ''; |
4719 | + } |
4720 | + else |
4721 | + { |
4722 | + $valueRow = $db->get_assoc_row($results); |
4723 | + $value = $valueRow['Value']; |
4724 | + } |
4725 | + } |
4726 | + |
4727 | + // Do we need a select list? |
4728 | + if ($listContent != '') |
4729 | + { |
4730 | + $listItems = explode(',', $listContent); |
4731 | + $selected = ($value == '') ? ' selected' : ''; |
4732 | + $select = '<select name="value">'; |
4733 | + $select.= ' <option value="" ' . $selected . '></option>'; |
4734 | + |
4735 | + for ($i=0; $i < count($listItems); $i++) |
4736 | + { |
4737 | + $selected = ($listItems[$i] == $value) ? ' selected' : ''; |
4738 | + |
4739 | + $select .= '<option value="' . $listItems[$i] . '" ' . $selected . '>' . $listItems[$i] . '</option>'; |
4740 | + } |
4741 | + |
4742 | + $select .= '</select>'; |
4743 | + } |
4744 | + else |
4745 | + { |
4746 | + $select = '<input type="text" name="value" value="' . $value . '">'; |
4747 | + } |
4748 | + |
4749 | + $action = ($value == '') ? 'AddDataSetData' : 'EditDataSetData'; |
4750 | + $fieldId = uniqid(); |
4751 | + |
4752 | + $form .= <<<END |
4753 | + <td> |
4754 | + <form id="$fieldId" class="XiboDataSetDataForm" action="index.php?p=dataset&q=$action"> |
4755 | + <input type="hidden" name="fieldid" value="$fieldId"> |
4756 | + <input type="hidden" name="datasetid" value="$dataSetId"> |
4757 | + <input type="hidden" name="datasetcolumnid" value="$dataSetColumnId"> |
4758 | + <input type="hidden" name="rownumber" value="$row"> |
4759 | + $select |
4760 | + </form> |
4761 | + </td> |
4762 | +END; |
4763 | + |
4764 | + |
4765 | + } //cols loop |
4766 | + |
4767 | + $form .= '</tr>'; |
4768 | + } //rows loop |
4769 | + |
4770 | + $form .= '</table></div>'; |
4771 | + |
4772 | + $response->SetFormRequestResponse($form, $dataSet, '750px', '600px', 'dataSetData'); |
4773 | + $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Data') . '")'); |
4774 | + $response->AddButton(__('Add Rows'), 'XiboFormRender("index.php?p=dataset&q=DataSetDataForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")'); |
4775 | + $response->AddButton(__('Done'), 'XiboDialogClose()'); |
4776 | + $response->Respond(); |
4777 | + } |
4778 | + |
4779 | + public function AddDataSetData() |
4780 | + { |
4781 | + $db =& $this->db; |
4782 | + $user =& $this->user; |
4783 | + $response = new ResponseManager(); |
4784 | + |
4785 | + $response->uniqueReference = Kit::GetParam('fieldid', _POST, _WORD); |
4786 | + $dataSetId = Kit::GetParam('datasetid', _POST, _INT); |
4787 | + $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT); |
4788 | + $rowNumber = Kit::GetParam('rownumber', _POST, _INT); |
4789 | + $value = Kit::GetParam('value', _POST, _STRING); |
4790 | + |
4791 | + $auth = $user->DataSetAuth($dataSetId, true); |
4792 | + if (!$auth->edit) |
4793 | + trigger_error(__('Access Denied')); |
4794 | + |
4795 | + $dataSetObject = new DataSetData($db); |
4796 | + if (!$dataSetObject->Add($dataSetColumnId, $rowNumber, $value)) |
4797 | + trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); |
4798 | + |
4799 | + $response->SetFormSubmitResponse(__('Data Added')); |
4800 | + $response->loadFormUri = 'index.php?p=dataset&q=EditDataSetData'; |
4801 | + $response->hideMessage = true; |
4802 | + $response->keepOpen = true; |
4803 | + $response->Respond(); |
4804 | + } |
4805 | + |
4806 | + public function EditDataSetData() |
4807 | + { |
4808 | + $db =& $this->db; |
4809 | + $user =& $this->user; |
4810 | + $response = new ResponseManager(); |
4811 | + |
4812 | + $response->uniqueReference = Kit::GetParam('fieldid', _POST, _WORD); |
4813 | + $dataSetId = Kit::GetParam('datasetid', _POST, _INT); |
4814 | + $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT); |
4815 | + $rowNumber = Kit::GetParam('rownumber', _POST, _INT); |
4816 | + $value = Kit::GetParam('value', _POST, _STRING); |
4817 | + |
4818 | + $auth = $user->DataSetAuth($dataSetId, true); |
4819 | + if (!$auth->edit) |
4820 | + trigger_error(__('Access Denied')); |
4821 | + |
4822 | + if ($value == '') |
4823 | + { |
4824 | + $dataSetObject = new DataSetData($db); |
4825 | + if (!$dataSetObject->Delete($dataSetColumnId, $rowNumber)) |
4826 | + trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); |
4827 | + |
4828 | + $response->SetFormSubmitResponse(__('Data Deleted')); |
4829 | + $response->loadFormUri = 'index.php?p=dataset&q=AddDataSetData'; |
4830 | + } |
4831 | + else |
4832 | + { |
4833 | + $dataSetObject = new DataSetData($db); |
4834 | + if (!$dataSetObject->Edit($dataSetColumnId, $rowNumber, $value)) |
4835 | + trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR); |
4836 | + |
4837 | + $response->SetFormSubmitResponse(__('Data Edited')); |
4838 | + $response->loadFormUri = 'index.php?p=dataset&q=EditDataSetData'; |
4839 | + } |
4840 | + |
4841 | + $response->hideMessage = true; |
4842 | + $response->keepOpen = true; |
4843 | + $response->Respond(); |
4844 | + } |
4845 | + |
4846 | + /** |
4847 | + * Get a list of group names for a layout |
4848 | + * @param <type> $layoutId |
4849 | + * @return <type> |
4850 | + */ |
4851 | + private function GroupsForDataSet($dataSetId) |
4852 | + { |
4853 | + $db =& $this->db; |
4854 | + |
4855 | + $SQL = ''; |
4856 | + $SQL .= 'SELECT `group`.Group '; |
4857 | + $SQL .= ' FROM `group` '; |
4858 | + $SQL .= ' INNER JOIN lkdatasetgroup '; |
4859 | + $SQL .= ' ON `group`.GroupID = lkdatasetgroup.GroupID '; |
4860 | + $SQL .= ' WHERE lkdatasetgroup.DataSetID = %d '; |
4861 | + |
4862 | + $SQL = sprintf($SQL, $dataSetId); |
4863 | + |
4864 | + if (!$results = $db->query($SQL)) |
4865 | + { |
4866 | + trigger_error($db->error()); |
4867 | + trigger_error(__('Unable to get group information for dataset'), E_USER_ERROR); |
4868 | + } |
4869 | + |
4870 | + $groups = ''; |
4871 | + |
4872 | + while ($row = $db->get_assoc_row($results)) |
4873 | + { |
4874 | + $groups .= $row['Group'] . ', '; |
4875 | + } |
4876 | + |
4877 | + $groups = trim($groups); |
4878 | + $groups = trim($groups, ','); |
4879 | + |
4880 | + return $groups; |
4881 | + } |
4882 | + |
4883 | + public function PermissionsForm() |
4884 | + { |
4885 | + $db =& $this->db; |
4886 | + $user =& $this->user; |
4887 | + $response = new ResponseManager(); |
4888 | + $helpManager = new HelpManager($db, $user); |
4889 | + |
4890 | + $dataSetId = Kit::GetParam('datasetid', _GET, _INT); |
4891 | + |
4892 | + $auth = $this->user->DataSetAuth($dataSetId, true); |
4893 | + |
4894 | + if (!$auth->modifyPermissions) |
4895 | + trigger_error(__('You do not have permissions to edit this dataset'), E_USER_ERROR); |
4896 | + |
4897 | + // Form content |
4898 | + $form = '<form id="DataSetPermissionsForm" class="XiboForm" method="post" action="index.php?p=dataset&q=Permissions">'; |
4899 | + $form .= '<input type="hidden" name="datasetid" value="' . $dataSetId . '" />'; |
4900 | + $form .= '<div class="dialog_table">'; |
4901 | + $form .= ' <table style="width:100%">'; |
4902 | + $form .= ' <tr>'; |
4903 | + $form .= ' <th>' . __('Group') . '</th>'; |
4904 | + $form .= ' <th>' . __('View') . '</th>'; |
4905 | + $form .= ' <th>' . __('Edit') . '</th>'; |
4906 | + $form .= ' <th>' . __('Delete') . '</th>'; |
4907 | + $form .= ' </tr>'; |
4908 | + |
4909 | + // List of all Groups with a view/edit/delete checkbox |
4910 | + $SQL = ''; |
4911 | + $SQL .= 'SELECT `group`.GroupID, `group`.`Group`, View, Edit, Del, `group`.IsUserSpecific '; |
4912 | + $SQL .= ' FROM `group` '; |
4913 | + $SQL .= ' LEFT OUTER JOIN lkdatasetgroup '; |
4914 | + $SQL .= ' ON lkdatasetgroup.GroupID = group.GroupID '; |
4915 | + $SQL .= ' AND lkdatasetgroup.DataSetID = %d '; |
4916 | + $SQL .= ' WHERE `group`.GroupID <> %d '; |
4917 | + $SQL .= 'ORDER BY `group`.IsEveryone DESC, `group`.IsUserSpecific, `group`.`Group` '; |
4918 | + |
4919 | + $SQL = sprintf($SQL, $dataSetId, $user->getGroupFromId($user->userid, true)); |
4920 | + |
4921 | + if (!$results = $db->query($SQL)) |
4922 | + { |
4923 | + trigger_error($db->error()); |
4924 | + trigger_error(__('Unable to get permissions for this dataset'), E_USER_ERROR); |
4925 | + } |
4926 | + |
4927 | + while($row = $db->get_assoc_row($results)) |
4928 | + { |
4929 | + $groupId = $row['GroupID']; |
4930 | + $group = ($row['IsUserSpecific'] == 0) ? '<strong>' . $row['Group'] . '</strong>' : $row['Group']; |
4931 | + |
4932 | + $form .= '<tr>'; |
4933 | + $form .= ' <td>' . $group . '</td>'; |
4934 | + $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_view" ' . (($row['View'] == 1) ? 'checked' : '') . '></td>'; |
4935 | + $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_edit" ' . (($row['Edit'] == 1) ? 'checked' : '') . '></td>'; |
4936 | + $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_del" ' . (($row['Del'] == 1) ? 'checked' : '') . '></td>'; |
4937 | + $form .= '</tr>'; |
4938 | + } |
4939 | + |
4940 | + $form .= '</table>'; |
4941 | + $form .= '</div>'; |
4942 | + $form .= '</form>'; |
4943 | + |
4944 | + $response->SetFormRequestResponse($form, __('Permissions'), '350px', '500px'); |
4945 | + $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Layout', 'Permissions') . '")'); |
4946 | + $response->AddButton(__('Cancel'), 'XiboDialogClose()'); |
4947 | + $response->AddButton(__('Save'), '$("#DataSetPermissionsForm").submit()'); |
4948 | + $response->Respond(); |
4949 | + } |
4950 | + |
4951 | + public function Permissions() |
4952 | + { |
4953 | + $db =& $this->db; |
4954 | + $user =& $this->user; |
4955 | + $response = new ResponseManager(); |
4956 | + Kit::ClassLoader('datasetgroupsecurity'); |
4957 | + |
4958 | + $dataSetId = Kit::GetParam('datasetid', _POST, _INT); |
4959 | + $groupIds = Kit::GetParam('groupids', _POST, _ARRAY); |
4960 | + |
4961 | + $auth = $this->user->DataSetAuth($dataSetId, true); |
4962 | + |
4963 | + if (!$auth->modifyPermissions) |
4964 | + trigger_error(__('You do not have permissions to edit this dataset'), E_USER_ERROR); |
4965 | + |
4966 | + // Unlink all |
4967 | + $security = new DataSetGroupSecurity($db); |
4968 | + if (!$security->UnlinkAll($dataSetId)) |
4969 | + trigger_error(__('Unable to set permissions')); |
4970 | + |
4971 | + // Some assignments for the loop |
4972 | + $lastGroupId = 0; |
4973 | + $first = true; |
4974 | + $view = 0; |
4975 | + $edit = 0; |
4976 | + $del = 0; |
4977 | + |
4978 | + // List of groupIds with view, edit and del assignments |
4979 | + foreach($groupIds as $groupPermission) |
4980 | + { |
4981 | + $groupPermission = explode('_', $groupPermission); |
4982 | + $groupId = $groupPermission[0]; |
4983 | + |
4984 | + if ($first) |
4985 | + { |
4986 | + // First time through |
4987 | + $first = false; |
4988 | + $lastGroupId = $groupId; |
4989 | + } |
4990 | + |
4991 | + if ($groupId != $lastGroupId) |
4992 | + { |
4993 | + // The groupId has changed, so we need to write the current settings to the db. |
4994 | + // Link new permissions |
4995 | + if (!$security->Link($dataSetId, $groupId, $view, $edit, $del)) |
4996 | + trigger_error(__('Unable to set permissions')); |
4997 | + |
4998 | + // Reset |
4999 | + $lastGroupId = $groupId; |
5000 | + $view = 0; |
The diff has been truncated for viewing.